Non-US SSL128 site
Saw this on usenet. Figured someone might want to give it a spin... From: John Hemming - Chief Executive MarketNet <johnhemming@mkn.co.uk> Newsgroups: sci.crypt Subject: Announce>128 bit RC4 SSL available outside US Date: 30 Aug 1995 10:16:39 GMT Message-ID: <421dq7$rk4@marble.Britain.EU.net> NNTP-Posting-Host: 193.119.26.63 We have now updated our servers to a) Use 128 bit SSL if the client allows it. b) Tell users which cipher is being used on a secure session. To experiment point your secure client at one of the following: https://193.118.187.101/ https://193.118.187.102/ https://193.118.187.105/ https://193.118.187.111/ (the main server does not run SSL to minimise PK calculations) If you do not have a client that can use 128 bit RC4 then ftp://193.119.26.70/mktnet/pub/horse.zip does to the job, but is quite flaky otherwise.
a) Use 128 bit SSL if the client allows it. b) Tell users which cipher is being used on a secure session.
Interesting. When I connect, both from my Unix box at work and my Mac at home, I'm told the connection is "40 bits RC4". I'm running Netscape 1.1. I guess this makes sense, since if freely distributed clients were 128-bit capable, then foreign users would still get 128-bit security when connecting to U.S. servers. Netscape's press release on the RC4-40 crack seems to have disappeared from their home page, but I don't remember any specific mention of 128-bit U.S.-only clients, just servers. So what's up? -- Will
participants (2)
-
Donald M. Kitchen -
W. Kinney