Richard: In response to your enquiry (see below), I recommend to all my clients that they utilize 128-bit SSL with the more costly Global or Universal server IDs (certificates) if they intend to protect financial transactions or personal privacy information. Global certificates are available from VeriSign for servers based in the US and Canada. The installation of global certificates trigger the Netscape surrogate and the Internet Explorer gated functionality. What this means is that 40-bit, 56-bit, and 64-bit versions of the browser will step up to 128-bit SSL sessions without the user having to install a browser or upgrade to achieve the stronger algorithm. The functionality has been built into Netscape and IE since version 3. Just make sure that your server can also support a Global server ID (a.k.a. certificate). I have discovered that some of them do not! Check the VeriSign site to confirm which ones are actually supported.
Regards; Marc Mandel At 01:40 PM 05/24/2002 -0400, Richard Ginski wrote: >I'm sorry for being off topic, but the response and experience on this >list is very good and I seek a quick response: > >If an organization wished to do credit card processing (without me >getting into the gory details) what "bit" level of encryption would you >recommend? (SSL implementation) 56 bit? 128 bit? >_______________________________________________ >Firewalls mailing list >[EMAIL PROTECTED] >For Account Management (unsubscribe, get/change password, etc) Please go to: >http://lists.gnac.net/mailman/listinfo/firewalls _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] For Account Management (unsubscribe, get/change password, etc) Please go to: http://lists.gnac.net/mailman/listinfo/firewalls
