Once the client has been authenticated, the server sends out the session key
This is used to encrypt and decrypt all communications between the two machines for the duration of the session
Many secret key algorithms can be used for the session key (Data Encryption Standard (DES), RSAÅfs RC4, or the IDEA algorithm)
Most browsers support at least 40-bit RC4 encryption
Some (including Navigator 5.x and later and Internet Explorer 5.x +) can support DES and up to 128-bit RC4
III. Technical security
| Previous slide | Next slide | Back to first slide | View graphic version |