In message <[EMAIL PROTECTED]>, "Marcus Leech" writes:
> The Thawte folks are busily promoting their "SuperCerts" which enable
> 128-bit
> symmetric modes in "International" versions of the various browsers.
>
> I guess I've been out of touch--is there an extension in web certs that
> enables
> better than 40-bit symmetric SSL modes? My assumption has always been
> that
> a 40-bit (or 56-bit) browser was "nailed" to that particular key size,
> or
> lower.
>
There's an exemption that permits 128-bit keys when talking to financial
institutions. In SSL, this is enabled by some field in the merchant's
certificate. Perhaps a "SuperCert" has that bit set?
--Steve Bellovin