Tell them that 40 bit encryption was broken down by a project (distributed
network) using many many computers as distributed power. The project also got
the reward to crack the encryption...
Anyway, this sounds much for me but I dont know what it is for your sales
force...
Mustafa Dogru
Systems Specialist
---------------------
Can anyone help me with published references clearly stating that 128-bit
encryption and 1024-bit certificates are recommended in an e-commerce solution?
Or, in opposition, something that explicitly states that 40-bit is a
respectable/secure choice for e-commerce?
I have enabled strong encryption on our current e-commerce website and
inadvertantly started a major battle between our vendor sales manager and
myself. The vendor is concerned they are losing potential customers (money)
with the 128-bit requirement, and claiming to my management that I am being too
paranoid.
My management is siding with the sales force and I've been told to roll
encryption back to 40-bit unless I can substantiate my claim that strong
encryption is required to be industry standard for online e-commerce solutions.
Any help would be greatly appreciated!
Thanks,
Diane Wood
Internet & Network Security Services
Florida Department of Highway Safety & Motor Vehicles
[EMAIL PROTECTED]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
