> > Asymmetric ciphers like RSA are used on very small pieces of
> > information,
> > not on bulk data. In the case of encryption, the asymmetric algorithm is
> > used to securely exchange a random small number that is then
> > used as the key
> > in a symmetric algorithm like blowfish or AES.


> This "number" is only one of parameters used by symmetric key generation
> routine which generates keys used by symmetric algorithms like AES.
> This number is not used directly as symmetric key.


> Marek Marcola


You are, of course correct. This is misstated surprisingly often. See, for
example:

https://www.covalent.net/resource/do.../ProductGuide/
sslfeatures.html
http://www.ipswitch.com/support/ws_f...lconfiga2.html
http://www.iusmentis.com/business/ep...securepayment/
http://hostsure.com/2i_ssl.shtml
http://www.dell.com/content/topics/g..._ssl?c=us&l=en
&s=gen

DS


__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org