[Top] [All Lists]

Re: The 40-bit debate

1997-04-17 20:04:14
I vote that we never force a "MUST" with weak 40-bit crypto, 
Let's not lead the naive to think it's "Secure". 
We all know a brute-force attack against 40-bit
cipher can yield clear text in a short amount of time, so I
believe, we (the IETF community) has a moral obligation to 
the millions of "unsuspecting" users AND we "MUST" have a
spec that protects their content, (as one would think a Secure
Product would...)

Charles Breed

At 07:47 PM 4/17/97 -0700, you wrote:
I'd like to second the motion to split the RC2/40 discussion into two
parts. Please note the subject of this part, and reply with this subject if
you want to talk about whether or not the S/MIME spec should have a MUST
or a SHOULD that includes 40-bit encryption.

--Paul E. Hoffman, Director
--Internet Mail Consortium

<Prev in Thread] Current Thread [Next in Thread>