"Nelson B. Bolyard" wrote:
> Inadequacies of SSL_SecurityStatus:
12. It reports 3DES as having 168 bits of effective strength when it has
only 112.
> PRUint16 version;
Should be "protocolVersion"
Would it be reasonable to combine authKeyBits and keaKeyBits, with the
function returning the lesser value? I'm concerned about confusion
similar to that about the difference between key size versus secret key
size. What does it matter that key exchange used 1024 bits if the peer
only authenticated with 512 bits?
Perhaps separate numbers might make sense for DHE/RSA or RSA/DSA
handshakes.
S/MIME Cryptographic Signature
