On Mon, 8 Apr 1996, Jim Philips wrote:

I work with Security First. I would like to add that we use SSL 128 bit key with 40 secret, but it is not the only security feature we have. So far, it has been the means for encrypting data coming to and from the Bank. We also have a site certificate from Verisign and multiple layers of internal security at the site. I cannot agree that this encryption is "worthless".

As far as I understand anyone can fairly easy crack the 40-bit SSL your bank is using, and you must be lucky nobody has done it yet with your account. Still it seems odd that banks are telling their customers about secure communications without having any real security. Jüri Kaljundi jk@digit.ee