17 Dec
2003
17 Dec
'03
11:17 p.m.
Suddenly some banks here in Estonia have decided that they must start offering banking services over Internet already during the next months. What worries me is that some of them are talking about using 40-bit SSL as the main security mechanism.
That seems very silly. Considering that you folks have no laws preventing you from using better I would suggest not doing something so foolish -- 40 bit RC4 is almost worthless as a cryptosystem as the recent paper on key lengths points out. Perr