The link I used recently to get SSLREF is <URL: http://www.netscape.com/eng/ssl/sslref2.0/index.html>. I don't now what kind of export restrictions this enforces. I was hoping to write a program which would sit on the user's PC and act as a proxy for Netscape's browser. It would connect using 128 bit SSL instead of 40 bit. The stumbling block is that Netscape won't connect to even the local proxy unless it sees a valid certificate, one signed by a CA that it accepts. For this application I would need such a certificate, and make the corresponding public and private keys public, hard-coding them into the proxy. Since the proxy runs on the same PC as the browser there is no need for confidentiality between them, and the secret key can be revealed. Does anyone have an idea for a way to acquire a certificate acceptable to Netscape, perhaps one with a "broken key", that could be used for this purpose? Hal