-----BEGIN PGP SIGNED MESSAGE----- stewarts@ix.netcom.com wrote:
However, the usual guidelines for systems like RC2 and RC4 is 40-bit keys, and RSA keys up to 512 bits for encrypting session keys and 1024 bits for signatures
Can you list a source for the 1024-bit signature restriction? I know about the 40-bit RC2/RC4 and 512-bit public encryption keys because they are specifically addressed in the State Dept's "Procedure for Submitting a Commodity Jurisdiction Request for a Mass Market Software Product that Contains Encryption". However, digital signatures are not mentioned in this procedure. I can't image what justificication could be used to restrict the strength of digital signatures. Kent - ------------------------------------------------------------ Puffer & CryptaPix available from http://execpc.com/~kbriggs - ------------------------------------------------------------ - --- [This message has been signed by an auto-signing service. A valid signature means only that it has been received at the address corresponding to the signature and forwarded.] -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Gratis auto-signing service iQBFAwUBMi2o9SoZzwIn1bdtAQEBoAF+PjxvtAuPUnlMr9UGoIYhjgjPQ0Bs0GeE 5077GFz/pASkMfFvsh5uO6I9BBtpGMpI =P92s -----END PGP SIGNATURE-----