g'day all,
> You are restricted to 40 bit encryption, which is not secure. Better than
> nothing, though, as long as it doesn't give you a false sense of security.
if you're using an export version of netscape/communicator, you can
uncripple your browser for free so it can use 128bit encryption + 1024 bit key
generation by using fortify:
http://www.fortify.net
if you're using apache as your web server, you can build in stuff like
mod_ssl & open_ssl which gives you 128bit encryption & you can generate
your own globalID certificate & force 128bit crypto for export browsers.
unfortunately convincing browsers to use your GlobalID certificate
is a little persnicketty.
http://www.modssl.org/source/exp/mod_ssl/pkg.mod_ssl/README.GlobalID
you can also use SSH to build encrypted tunnels for protocols like POP.
http://www.ssh.fi
& if you want to wind your way through the twisty legal mess of export/import/
domestic crypto controls:
http://cwis.kub.nl/~frw/people/koops/lawsurvy.htm
good luck finding a generic solution.
cheers,
pauline
Pauline van Winsen, Technical Consultant [EMAIL PROTECTED]
eServ Pty Ltd http://www.eserv.com.au/people/pauline.html
>
> On Thu, 16 Sep 1999, Sweeney, Patrick wrote:
>
> > Pop3 can be used with SSL. You can obtain a difgital ID, open the POP3 SSL
> > port - I forget whch port number.
> >
> > Obtaining a digital ID may be complicated by the fact that you are an
> > international, non-US entity. (I'm not certain of that, but it is certainly
> > the impression the NSA would like me to have.)
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
