Can anyone help me with published references clearly stating that 128-bit encryption
and 1024-bit certificates are recommended in an e-commerce solution? Or, in
opposition, something that explicitly states that 40-bit is a respectable/secure
choice for e-commerce?
I have enabled strong encryption on our current e-commerce website and inadvertently
started a major battle between our vendor sales manager and myself. The vendor is
concerned they are losing potential customers (money) with the 128-bit requirement,
and claiming to my management that I am being too paranoid.
My management is siding with the sales force and I've been told to roll encryption
back to 40-bit unless I can substantiate my claim that strong encryption is required
to be industry standard for online e-commerce solutions.
Any help would be greatly appreciated!
Thanks,
Diane Wood
Internet & Network Security Services
Florida Department of Highway Safety & Motor Vehicles
[EMAIL PROTECTED]