On Sun, 26 Nov 2000, Kenneth E. Lussier wrote:
> I won't use anything less than 4096-bit for authentication keys. To some,
> that may be considered overkill, but to me it's plain old common sense.

  I think Derek's point was that it isn't common sense at all.

  A 1024-bit key will take some unimaginably huge number of years to factor.  
So many years, in fact, that even if Moore's Law holds indefinitely, you still
couldn't cover the entire keyspace before the end of the universe (or
something like that).

  Increasing the key length to 4096 bits thus provides *zero* additional
protection, while wasting company resources -- i.e., wasting money.

> Yes, a P75 would perform just fine as a firewall and VPN gateway for you.
> On *YOUR* end. However, that P75 is *NOT* acting as a corporate firewall.
> Nor is it handling a large amount of traffic. It also isn't handling
> multiple tunnels.

  Of course, the same question applies at the corporate end.  For example,
many of our customers involve a SOHO environment, where the total number of
employees in the entire company is less than ten.  This changes a lot of the
"rules of thumb" that an administrator used to even a small business with
dozens of employees might have.  In such a case, a P75 may well be all they
need.

-- 
Ben Scott <[EMAIL PROTECTED]>
Net Technologies, Inc. <http://www.ntisys.com>
Voice: (800)905-3049 x18   Fax: (978)499-7839

