[Previous] [Next] [Index]
[Thread]
Re: Netscape and 40 bit encryption
Phil says:
> No, I don't think anyone would question the 40bits is not enough. Thats why the
> US government will let people use it...
While the US govt (and others) will bar strong (>40b) general purpose
ENCRYPTION, this does not hold for authentication (as Chuck asked), or in fact
even for encryption which is limited to, say, credit card numbers.
Therefore: I agree with Phil that technically SSL does use 40b. But I disagree
that this is unavoidable due to export restrictions; strong auth and encryption
of credit card and similar info is possible.
Best, Amir Herzberg
References: