Re[2]: [cobalt-users] RaQ4 Equifax Certs

[Brian Curtis <admin@xxxxxxxxxxx>]

>> > GW> Will this impact my ability to do credit-card processing?
>> > GW> The company I use just said I had to have SSL, they did
>> > not specify the quality.
>> >
>> > It shouldn't impact your ability per se.  You'll still be
>> > encrypting the session, but only at 1/2 to 1/3 the strength
>> > of a 128 bit cert.  If a security nut visits your site, they
>> > may frown upon the non 128 bit connection and go elsewhere.
>>
>> Danger, Will Robinson, danger...
>>
>> 40-bit is *NOT* 1/3 the strength of 128-bit, just as 56-bit is *NOT*
>> around 1/2 the strength of 128-bit. I'm sure you know this, but let me
>> spell it out in case some lurker gets confused:
>>
>>  40-bit:  2^40 possible combinations (roughly 1.1 x 10^12)
>>  56-bit:  2^56 possible combinations (roughly 7.2 x 10^16)
>> 128-bit: 2^128 possible combinations (roughly 3.4 x 10^38)

This was my mistake.  After I had made that erroneous remark, Jens
sent me an email with a nice explanation of the different strengths of
the different n-bit certs.  I was going to send his post as a
follow-up, but I seem to have misplaced/deleted it.

Anyway, I should have known that cert strengths aren't based on simple
math (base 10 was I thinking?  I dunno, I never really liked algebra,
that's why I don't manage the layout of our network).  I think it was
a "simple mind, simple math" syndrome type of thing...

-- 
Best regards,
 Brian Curtis