From: Kent Briggs <72124.3234@compuserve.com>
Date: Thu, 5 Sep 1996 03:52:11 +0800
To: cypherpunks@toad.com
Subject: Re: rc2 export limits..
Message-ID: <199609041606.MAA20510@spirit.hks.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

stewarts@ix.netcom.com wrote:

> However, the usual guidelines for systems like RC2 and RC4 is
> 40-bit keys, and RSA keys up to 512 bits for encrypting
> session keys and 1024 bits for signatures

Can you list a source for the 1024-bit signature restriction?  I know
about the 40-bit RC2/RC4 and 512-bit public encryption keys because they
are specifically addressed in the State Dept's "Procedure for Submitting
a Commodity Jurisdiction Request for a Mass Market Software Product that
Contains Encryption".  However, digital signatures are not mentioned in
this procedure.  I can't image what justificication could be used to
restrict the strength of digital signatures.

Kent

- ------------------------------------------------------------
Puffer & CryptaPix available from http://execpc.com/~kbriggs
- ------------------------------------------------------------
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMi2o9SoZzwIn1bdtAQEBoAF+PjxvtAuPUnlMr9UGoIYhjgjPQ0Bs0GeE
5077GFz/pASkMfFvsh5uO6I9BBtpGMpI
=P92s
-----END PGP SIGNATURE-----