Chapter 3 using certificates, Ldap server ssl encryption – Panasonic NN46110-600 User Manual

71

Chapter 3

Using certificates

Digital certificates bind an entity’s public encryption or signing key to its identity,

and verify that identity with a trusted third party (the certification authority). You

use digital certificates for authenticating both LDAP and VPN connections.

LDAP server SSL encryption

Secure socket layer (SSL) provides Internet security and privacy and ensures

privacy between the VPN Router and the external LDAP server. The SSL protocol

negotiates encryption keys and authenticates the server before any data is
exchanged. SSL maintains the transmission channels security and integrity

through encryption, authentication, and message authentication codes. The SSL
implementation supports the following encryption methods:

•

RC4 128-bit MD5 encryption—most secure method. The longer the

encryption key, the more secure the encryption. US export law controls the
export of 128-bit encryption keys.

•

DES 56-bit SHA encryption—mid-level encryption method, less secure than

RC4-128, but more secure than RC4-40.

•

RC4 40-bit MD5 encryption—least secure method of encryption.

You can configure SSL parameters when you switch from internal to external

LDAP servers.

Nortel VPN Router Security — Servers, Authentication, and Certificates