Re: Re[2]: [cobalt-users] RaQ4 Equifax Certs

["Zeffie" <cobaltlist@xxxxxxxx>]

> >> > GW> Will this impact my ability to do credit-card processing?
> >> > GW> The company I use just said I had to have SSL, they did
> >> > not specify the quality.
> >> >
> >> > It shouldn't impact your ability per se.  You'll still be
> >> > encrypting the session, but only at 1/2 to 1/3 the strength
> >> > of a 128 bit cert.  If a security nut visits your site, they
> >> > may frown upon the non 128 bit connection and go elsewhere.
> >>
> >> Danger, Will Robinson, danger...
> >>
> >> 40-bit is *NOT* 1/3 the strength of 128-bit, just as 56-bit is *NOT*
> >> around 1/2 the strength of 128-bit. I'm sure you know this, but let me
> >> spell it out in case some lurker gets confused:
> >>
> >>  40-bit:  2^40 possible combinations (roughly 1.1 x 10^12)
> >>  56-bit:  2^56 possible combinations (roughly 7.2 x 10^16)
> >> 128-bit: 2^128 possible combinations (roughly 3.4 x 10^38)
> 
> This was my mistake.  After I had made that erroneous remark, Jens
> sent me an email with a nice explanation of the different strengths of
> the different n-bit certs.  I was going to send his post as a
> follow-up, but I seem to have misplaced/deleted it.
> 
> Anyway, I should have known that cert strengths aren't based on simple
> math (base 10 was I thinking?  I dunno, I never really liked algebra,
> that's why I don't manage the layout of our network).  I think it was
> a "simple mind, simple math" syndrome type of thing...
 
Yada Yada Yada
Take this crap to a difftent list or off list...
"Hitler" comments !!!!!  WTF is this shit doing on a public list!!!!

A Key is a Key....  Get a clue

Zeffie