[5016] in cryptography@c2.net mail archive
Padlock Size was Re: so why is IETF stilling adding DES to protocols? (Re: It's official... DES is History)
daemon@ATHENA.MIT.EDU (Steve Mynott)
Mon Jun 28 17:25:54 1999
Date: Sun, 27 Jun 1999 09:48:57 +0100
From: Steve Mynott <steve@tightrope.demon.co.uk>
To: nelson@media.mit.edu (Nelson Minar)
Cc: cryptography@c2.net, cypherpunks@cyberpass.net
In-Reply-To: <14197.2384.918245.272576@pinotnoir.media.mit.edu>; from Nelson Minar on Sat, Jun 26, 1999 at 01:09:36PM -0400
On Sat, Jun 26, 1999 at 01:09:36PM -0400, Nelson Minar wrote:
> popped up. I was shocked to see that the certificate was being used
> with a 40 bit cypher. I have no idea what info has been leaked out
> that channel.
You can disable 40 bit crypto via 'Security>Navigator>Configure SSL v2/3'
> The point is that in Netscape, it is very hard to tell if a given link
> is 40 bit or 128 bit. Sure, with enough poking around looking at page
> info you could probably figure it out. Or maybe someone knows if the
> little padlock means something like the little key used to. But I'm a
> crypto-sophisticated person, and I don't know. What about people who
> don't understand the technology at all?
Good point
There used to be two keys I believe a little (weak) key and a larger (strong)
key. In the (patched to domestic US strength) version of Netscape I use
(Linux 4.07) the padlock is always the same size. It may be my version
is broken.
Anyone with a legit. US browser confirm that this visual cue (icon
size) has been removed?
--
1024/D9C69DF9 steve mynott steve@tightrope.demon.co.uk http://www.pineal.com/
the older i grow the more i distrust the familiar doctrine that age
brings wisdom. -- h. l. mencken
