From: Eric Young <eay@mincom.oz.au>
To: cypherpunks@toad.com
Message Hash: f3219e77b9cb80776e492f5d8137381c1de542059d0334bcd4e07436297c9842
Message ID: <Pine.SOL.3.91.950918185301.29263B-100000@orb>
Reply To: <43jau5$qbj@tera.mcom.com>
UTC Datetime: 1995-09-18 09:11:20 UTC
Raw Date: Mon, 18 Sep 95 02:11:20 PDT
From: Eric Young <eay@mincom.oz.au>
Date: Mon, 18 Sep 95 02:11:20 PDT
To: cypherpunks@toad.com
Subject: Re: Netscape Navigator 2.0 will implement secure e-mail
In-Reply-To: <43jau5$qbj@tera.mcom.com>
Message-ID: <Pine.SOL.3.91.950918185301.29263B-100000@orb>
MIME-Version: 1.0
Content-Type: text/plain
On 18 Sep 1995, Jeff Weinstein wrote:
> The implementation guide recommends using rc2-cbc 40-bit for content
> encryption when there is no way to determine the capabilities of the
> recipient. When you do know what the recipient can do, it recommends
> using RC2-CBC with a longer key or DES-CBC.
Hmm.... notice the use of a non public cipher as the base cipher....
what a shame....
A note for non-USA people, the next version of SSLeay will include the
full fuctionality of RSAref/RSAeuro and I should soon have the PKCS-7
stuff finished in the next release after that. I've almost finished the
documentation of the encryption/RSA type routines. The encryption/open/seal
routines supporting any cipher that conforms with a specified Cipher API.
It will be shipping with examples of des-ecb, des-cfb, des-cbc, des-ede2,
des-ede3, idea-ecb, idea-cfb, idea-cbc and rc4-128. If people could send
me the official Object identifiers for these ciphers, I'll be able to
support them in PKCS-7, otherwise they will only be supported in PEM mode.
eg,
rc4 is '1 2 840 113549 3 4'
but I don't even know what des in cbc mode is. I lack documentation.
If any-one can email SMIME/PKCS-7 stuff that is encrypted/sealed, I'll be
able to extract the object identifiers.
> For key encryption support for RSA with key sizes of 512 to 1024 is
> required, and support for 2048 bit keys is recommended. A minimum
> key size of 768 bits is recommended for US users.
Again, SSLeay has no restrictions, 4096 bits anyone :-)
eric (who is just lacking documentation :-(
--
Eric Young | Signature removed since it was generating
AARNet: eay@mincom.oz.au | more followups than the message contents :-)
Return to September 1995
Return to ““Perry E. Metzger” <perry@piermont.com>”