This is really symptomatic of our industry, isn't it? We seen to be our own
worse enemy.
Back in 95, it took that French student days to crack the 40-bit codes. Now
we are talking about minutes... its disheartening. Merde. I really wonder
how some of those MS sites survive these days...
-
Practicality : do not use 4096 bits server side private key. No, not even
2048.
Key size larger than 1024 is not supported by those bollocky client
browsers. Netscape and MSIE4 come to mind.
Regards,
Arthur Chan
- Original Message -
From: Dave Paris [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
compromised is probably a poor word to use, pointlessly weak is
more accurate. If you're going to use SSL and you're dealing with data
that needs to be protected longer than 5 minutes, use 128bit SSL.
-dsp
On Sunday, Aug 10, 2003, at 02:25 US/Eastern, Arthur Chan wrote:
Hi all.
Verisign
