1996-04-11 - Re: Bank information protected by 40-bit encryption….

Header Data

From: Tom Weinstein <tomw@netscape.com>
To: “Daniel R. Oelke” <droelke@rdxsunhost.aud.alcatel.com>
Message Hash: e60efccf4cdd6c04d9a15cb585bbd4c0be0f0965db08876584f52de769da1209
Message ID: <316C8427.52BF@netscape.com>
Reply To: <9604101921.AA25061@spirit.aud.alcatel.com>
UTC Datetime: 1996-04-11 12:50:50 UTC
Raw Date: Thu, 11 Apr 1996 20:50:50 +0800

Raw message

From: Tom Weinstein <tomw@netscape.com>
Date: Thu, 11 Apr 1996 20:50:50 +0800
To: "Daniel R. Oelke" <droelke@rdxsunhost.aud.alcatel.com>
Subject: Re: Bank information protected by 40-bit encryption....
In-Reply-To: <9604101921.AA25061@spirit.aud.alcatel.com>
Message-ID: <316C8427.52BF@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Daniel R. Oelke wrote:
> 
> If you are the worring sort (or are looking for a ripe target)
> point your browser at:
>     https://www.diginsite.com/clients.html
> 
> There is a list of 23 Credit Unions - some (or all) of which
> allow transactions to be done over the net.
> 
> A brief once over shows that it requires Netscape 2.0 or
> better so you will have encryption, but it does not warn you
> when you are using only a 40-bit session key vs. a 128-bit key.
> (Netscape wizards - is there a way that the server can detect
>  this so that a warning message could be put up?)

For Netscape servers, you can configure which ciphers you want to use.
I'm sure Apache-SSL and most other SSL-capable servers have the same
sort of thing.  I know that Wells Fargo, at least, requires 128-bit
encryption.

-- 
Sure we spend a lot of money, but that doesn't mean | Tom Weinstein
we *do* anything.  --  Washington DC motto          | tomw@netscape.com

Thread

• Return to April 1996

• Return to “Black Unicorn <unicorn@schloss.li>”
• Return to “droelke@rdxsunhost.aud.alcatel.com (Daniel R. Oelke)”
• Return to “=?ISO-8859-1?Q?J=FCri_Kaljundi?= <jk@digit.ee>”
• Return to “Jeff Barber <jeffb@sware.com>”
• Return to “Jeff Weinstein <jsw@netscape.com>”
• Return to “sameer@c2.org”

• Return to “Tom Weinstein <tomw@netscape.com>”

• 1996-04-11 (Thu, 11 Apr 1996 11:04:55 +0800) - Bank information protected by 40-bit encryption…. - droelke@rdxsunhost.aud.alcatel.com (Daniel R. Oelke)
  • 1996-04-11 (Thu, 11 Apr 1996 12:50:01 +0800) - Re: Bank information protected by 40-bit encryption…. - Jeff Barber <jeffb@sware.com>
  • 1996-04-11 (Thu, 11 Apr 1996 20:50:50 +0800) - Re: Bank information protected by 40-bit encryption…. - Tom Weinstein <tomw@netscape.com>
    • 1996-04-11 (Thu, 11 Apr 1996 21:59:44 +0800) - Re: Bank information protected by 40-bit encryption…. - sameer@c2.org
      • 1996-04-11 (Thu, 11 Apr 1996 20:22:12 +0800) - Re: Bank information protected by 40-bit encryption…. - Tom Weinstein <tomw@netscape.com>
        • 1996-04-11 (Thu, 11 Apr 1996 20:50:01 +0800) - Re: Bank information protected by 40-bit encryption…. - sameer@c2.org
          • 1996-04-11 (Thu, 11 Apr 1996 22:07:33 +0800) - Re: Bank information protected by 40-bit encryption…. - Tom Weinstein <tomw@netscape.com>
            • 1996-04-11 (Fri, 12 Apr 1996 03:08:06 +0800) - Re: Bank information protected by 40-bit encryption…. - =?ISO-8859-1?Q?J=FCri_Kaljundi?= <jk@digit.ee>
              • 1996-04-13 (Sun, 14 Apr 1996 00:14:07 +0800) - Re: Bank information protected by 40-bit encryption…. - Black Unicorn <unicorn@schloss.li>
  • 1996-04-11 (Thu, 11 Apr 1996 23:16:08 +0800) - Re: Bank information protected by 40-bit encryption…. - Jeff Weinstein <jsw@netscape.com>
  • 1996-04-11 (Fri, 12 Apr 1996 01:15:29 +0800) - Re: Bank information protected by 40-bit encryption…. - Jeff Weinstein <jsw@netscape.com>
    • 1996-04-12 (Fri, 12 Apr 1996 09:32:36 +0800) - Re: Bank information protected by 40-bit encryption…. - sameer@c2.org