When you say you need to create a 128bit key, what are you referring to? I believe you are confusing the 128bit (or less if your browser is an old export-crippled one) generated SSL key per SSL session with the actual server key. Anything less than a 1024 bit server key is a waste of time, given that 512bit keys are now breakable via desktop machines. Allegedly the US Government has the power to break 1024 bit keys. There's been a lot of discussion about this on Bugtraq recently.
- John Airey Internet systems support officer, ITCSD, Royal National Institute for the Blind, Bakewell Road, Peterborough PE2 6XU, Tel.: +44 (0) 1733 375299 Fax: +44 (0) 1733 370848 [EMAIL PROTECTED] The teaching of evolution as a proven fact rather than a theory has done more harm to scientific progress than anything else in history. -----Original Message----- From: Robert Durdle [mailto:[EMAIL PROTECTED]] Sent: 18 April 2002 21:06 To: [EMAIL PROTECTED] Subject: 128 bit key Hi, I need to create a 128 bit key, but when I try to, it throws this at me. 11663:error:04075070:rsa routines:RSA_sign:digest too big for rsa key:rsa_sign.c:114: 11663:error:0D072006:asn1 encoding routines:ASN1_sign:bad get asn1 object call:a_sign.c:129: I need it to create a 128 bit key due to an employers special needs, a 1024 bit one would be useless to me :/ - Robert ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] - NOTICE: The information contained in this email and any attachments is confidential and may be legally privileged. If you are not the intended recipient you are hereby notified that you must not use, disclose, distribute, copy, print or rely on this email's content. If you are not the intended recipient, please notify the sender immediately and then delete the email and any attachments from your system. RNIB has made strenuous efforts to ensure that emails and any attachments generated by its staff are free from viruses. However, it cannot accept any responsibility for any viruses which are transmitted. We therefore recommend you scan all attachments. Please note that the statements and views expressed in this email and any attachments are those of the author and do not necessarily represent those of RNIB. RNIB Registered Charity Number: 226227 Website: http://www.rnib.org.uk 14th June 2002 is RNIB Look Loud Day - visit http://www.lookloud.org.uk to find out all about it. ______________________________________________________________________ Apache Interface to OpenSSL (mod_ssl) www.modssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
