This update adds support for the following Advanced Encryption Standard (AES) cipher suites in the Schannel.dll module for Windows Server 2003:
• TLS_RSA_WITH_AES_128_CBC_SHA AES128-SHA
• TLS_RSA_WITH_AES_256_CBC_SHA AES256-SHA
Note: These cipher suites are based on the RC4 algorithm.
OpenSSL supports several 128-bit and 256 bit AES cipher suites. OpenSSL is used in most open software products in Unix systems. For example, OpenSSL is used in Sendmail, Postfix, Firefox, and Thunderbird. Currently, the only 128-bit cipher suite that is mutually available is RC4. Additionally, there is no 256-bit cipher available.
With this update, you can support 128-bit and 256-bit cipher suites without Cryptography Next Generation (CNG). This update enables you to use a higher cipher strength. This update also fixes the interoperability issue between the Exchange server and the Sendmail server. This update also fixes the interoperability issue between the Exchange server and the Postfix server.