> > I've read the M$ blurb on the US Gov allowing the export of
> > 128-bit IIS for financial use. It's not clear to me whether
> > this is really strong crypto or if there's some catch.
> >
> > The part I don't like is that "128-bit encryption capability is
> > implemented as an extension to the SSL...". Does this mean
> > that it will only be compatible with MSIE, or any browser with
> > strong crypto (e.g., Fortify'd Netscape)?
> It is not a special extension per se (although the MSIE handling
> could be called extension ;-). It is just a certificate signed by
> a special CA (the certs of which are only available by financial
> institutions) and the browser remembers its true strong crypto
> capabilities.
What does this mean in terms of the browser; does the export (40-bit)
MSIE all of a sudden do strong crypto?
> The same game is with netscape. The CA in question is Verisign.
> Look for Global Server ID.
:-( Those of us who prefer to have Thawte sign (cheaper, easier)
are going to be out of luck for the time being.
-T.
+-------------------------------------------------------------------------+
| Administrative requests should be sent to [EMAIL PROTECTED] |
| List service provided by Open Software Associates, http://www.osa.com/ |
+-------------------------------------------------------------------------+
