On Mon, 4 Dec 2000 [EMAIL PROTECTED] wrote:
> A developer among our team has informed us that OpenSSL
> cannot generate 40 bit keys (48 bit is the bare minimum).
> Is this true?
Which exactly algorithm do you mean?
An example: freeswan (.org) choose to drop support
for the weak cipher (DES) completely at price breaking specifications.
> We need a good library for SSL communications under VC6.
OpenSSL is good enough to buld applications featuring strong
protocols and siphers, if the team mentioned interested
exactly in this instead of VC6 as primary goal.
> I haven't spent too much time with OpenSSL myself but from
> the looks of it, the documentation is poor. I don't want to bother
> wasting my time trying to gather the information that I (and the
> rest of our team) needs. Our company has no objection in
> purchasing something that will ease our development.
Using 40-bit keys for major symmetric algoritms is exactly
waste of time and fooling customers.
> Would any among you recommend a suitable alternative to OpenSSL
> and state the reasons why the recommendation.
> Would any among you say that OpenSSL is the best solution
> (if the statement on my first line above is not true).
40 bits for RSA is nonsence.
> Many thanks,
>
> Angelo
please think twice,
Vadim
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
