Steve Mynott <[EMAIL PROTECTED]> writes:
>You can disable 40 bit crypto via 'Security>Navigator>Configure SSL v2/3'
That doesn't necessarily work. I don't know about SSL, but it's impossible to
truly disable 40-bit RC2 for S/MIME no matter what you do - it's the Freddy
Kruger of crypto algorithms, no matter what to do to try and get rid of it, no
matter how many times you think you've killed it, it crawls back from the dead
and your mail goes out encrypted with good ol'40-bit RC2 again instead of the
triple DES you've told it to use. MS Outlook is no better. The only way to
get strong encryption is to engage in various bits of trickery with S/MIME
messages, typically by getting the other side to send you an S/MIME signed
message with an sMIMECapabilities attribute advertising the fact that they're
prepared to receive messages encrypted with non-crippled ciphers.
Peter.
