Does anyone have a pointer to why the session ID in SSLV3 is
in the clear, rather than encrypted? I'm sure there's a good
reason for it (audit? logging? other...?) but I'm trying to
pin down exactly why it was done that way. Can anyone point
me in the right direction?
mjr.
--
Marcus J. Ranum, CE
Does anyone out there have any statistics about usage of
SSLV3 versus SSLV2? I'm trying to get a feeling for how much
product support there needs to be for V2 -- is there even
a significant user base for it anymore? Does anyone keep any
measures of version usage??
mjr.
--
Marcus J. Ranum, CEO, Ne
A story on NEWS.COM says:
Key fights on crypto exports in Congress
By Courtney Macavinta
Staff Writer, CNET News.com
July 14, 1999, 3:40 p.m. PT
The future of strict export controls on strong computer
security products could be decided in key battles
Or at least a bad joke.
(Excuse me, while I wipe the atomized remains of a latte off my
monitor and keyboard...)
Cheers,
RAH
--- begin forwarded text
Date: Thu, 15 Jul 1999 16:42:10 +0200
To: [EMAIL PROTECTED]
From: Somebody
Subject: S/MIME Freeware Library
S/Mime Freeware Library
http://
I am a software developer and I have been tasked with replacing our current
proprietary encryption routine with an ANSI or DES 128 standard encryption
routine. I was asked to research whether or not there were any routines out
there available that we could use.We would like to avoid codi
