The specification mentions using "high-grade" encryption. What about weak encryption using 40 bit RC2? Presumably this will still be supported.
However there should be some way to at least warn if a message is going to be sent using weak encryption. Steve. -- Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/ Personal Email: [EMAIL PROTECTED] Senior crypto engineer, Gemplus: http://www.gemplus.com/ Core developer of the OpenSSL project: http://www.openssl.org/ Business Email: [EMAIL PROTECTED] PGP key: via homepage.
