BT's Trustwire 40 bit secure communications claim
Paul Halliden
PHalliden at zergo.com
Fri, 12 Feb 1999 12:03:13 -0000
According to my browser (IE4.01) the site uses a 128-bit *hash* (MD5) with
512-bit RSA keys used to establish a 40-bit RC4 encryption key. It also
uses the older SSL v2.0 which is usually considered less secure than the
current SSL v3.0. 128-bit RSA would be very weak ;-).
Regards
Paul Halliden
Director for Strategic Technology
________________________________________________________________________
_
Baltimore, The Square, Basing View, Basingstoke, Hants, RG21 4EG, UK
Tel: +44 (0) 1442 342 784 Fax: +44 (0) 1256 812901
http://www.baltimore.com
Baltimore is the operating name of Zergo Holdings plc
-----Original Message-----
From: Steve Mynott [mailto:steve@tightrope.demon.co.uk]
Sent: 12 February 1999 09:17
To: ukcrypto@maillist.ox.ac.uk
Subject: Re: BT's Trustwire 40 bit secure communications claim
strangly enough BT micropayment
https://transend.labs.bt.com/
uses a RSA 128-bit cert. How have they managed that?
On Thu, Feb 11, 1999 at 07:14:12AM -0800, Duggie Stenhouse wrote:
> Just been harangued by a BT salesman trying to sell the services
> of the BT spinoff http://www.trustwise.com
>
> Basically it's a "bona fide" certificate issuer - however, they are also
> selling "secure e-commerce solution" based on 40 bit keys which
> "guarantee security"
--
1024/D9C69DF9 steve mynott steve@tightrope.demon.co.uk
http://www.pineal.com/
just about every computer on the market today runs unix, except the mac
(and nobody cares about it). -- bill joy 6/21/85