SQL Server 2000 and SSL Encryption - Implementation Specifics need

SQL Server 2000 and SSL Encryption - Implementation Specifics need

Post by VmVudWdvcG » Wed, 03 Nov 2004 07:52:01


We have read all the articles and previous posts related to SSL enabling SQL
server connections. We have also succesfully implemented "Force Protocol
Encryption" on both the client and the server with self signed certificates.

We would like to know the internals of how the SSL handshake takes place,
specific to SQL Server and what algorithm is used to encrypt the traffic. We
have to provide the specific algorithm (in the SSL suite) being used by SQL
server. This information is required for our internal security review and
evaluation.

Any input is greatly appreciated
--
Venugopal Jagannathan
Verizon Communications
 
 
 

SQL Server 2000 and SSL Encryption - Implementation Specifics need

Post by VmVudWdvcG » Wed, 10 Nov 2004 01:55:05

Should we call PSS to know the answer ?

 
 
 

SQL Server 2000 and SSL Encryption - Implementation Specifics need

Post by kevm » Wed, 10 Nov 2004 09:44:49

The internals of the handshake within the network library is not public.
We call the Crypto API within the network library. The client will require
the Trusted Root Authority to be updated if the client request the
encryption. Otherwise, the server merely encrypts the traffic.

Thanks,

Kevin McDonnell
Microsoft Corporation

This posting is provided AS IS with no warranties, and confers no rights.