I just wanted to pitch in my USD $0.02...

In the grand scheme of things it seems that the _least_ of the problems
to worry about is someone decrypting your SSL traffic. I could be wrong,
but if I was trying to get someone's "secret info", be it credit card,
or social security, I would mount an attack on the operating system, or
the database on the computer that held the info. The only way someone
even gets an opportunity to crack SSL is to be able to sniff the packets
as they travel "over the wire." You'd have to be pretty motivated to
even sort through the packets. Then they'd have to get the right page
transaction, and then spend at least a week with fairly powerful
computers to decrypt that one page. If the transaction was on a
different page, they'd have to start all over again.

Also, there are many targets that are an order of magnitude easier to
crack, and have a much greater payoff than sniffing and decrypting
packets. I haven't heard of a single case of someone getting their info
stolen from having a 40 bit key cracked. (If anyone has, let me know!)

I'm not saying that SSL encryption isn't important (it is!), but I am
saying that, if money is an issue, 128-bit encryption is an overkill for
web transactions.

Also, I'd ditch VeriSign, and go with a GeoTrust cert from
http://rackshack.net. We've been using them for about six months and
haven't had a single problem.

(Sorry for the late response--my wife and I had a baby and I've been
away for a while, and I wanted to say something about setting security
priorities. I hope it was helpful...)


Jeff Polaski
RGS Webmaster

"I've never seen an abominable snowman,
I'm hoping not to see one,
I'm also hoping, if I do,
That it will be a wee one."
- The Abominable Snowman, by Ogden Nash
-----Original Message-----
From: David Fafard [mailto:[EMAIL PROTECTED]
Sent: Sunday, September 07, 2003 4:18 PM
To: CF-Talk
Subject: SSL Cert 40 bit or 128 bit

I'm on the verisign site and I have the option
of getting a 40 bit or 128 bit.

Of course the 128 bit is 500.00 more.

What do folks usually get? The 128 bit?

Thanks,
Dave Fafard

