This is not true!... Export ciphers also use full-length keys (for ex. 128-bits for Exp_RC4) and the most significant 88 bits of these keys are not equal to zero. For export ciphers, only 40 bits of the randomness source used to generate a 128-bit key is kept secret (see The SSL Protocol Version 3.0 by Netscape Communications Corp. - Section 8.2.2.1 Export Key Geneartion Example) Raj Mathur wrote: > If you're worried about non-US browsers not being able to handle a > 128-bit key, as far as I know the server will automatically scale down > the key size to 40 bits (make the most significant 88 bits 0) when > dealing with a client which can only handle lower levels of > encryption. > > Regards, > > -- Raju > > >>>>> "Amanda" == amanda <[EMAIL PROTECTED]> writes: > > Amanda> On Tue, 25 Jan 2000 [EMAIL PROTECTED] wrote: > >> Hi, my name is Marion I try to develop a SSL I live in France > >> and I have to generate a key in 40 bits > > Amanda> Didn't France remove that 40-bit restriction a year ago? > > Amanda> http://cwis.kub.nl/~frw/people/koops/cls2.htm#fr > > Amanda> A. > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED]
begin:vcard n:KASIM;Basar tel;cell:+90 542 5870915 tel;fax:+90 312 2873568 tel;work:+90 312 2873565-66 ( ext. 1616 ) x-mozilla-html:FALSE org:Havelsan AS;Dept. of Information Security adr:;;Eskisehir Yolu 7.Km;ANKARA;;06520;TURKEY version:2.1 email;internet:[EMAIL PROTECTED] title:Electronics Engineer fn:Basar KASIM end:vcard
