[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: lynx-dev SSL and Lynx
|
From: |
Duncan Simpson |
|
Subject: |
Re: lynx-dev SSL and Lynx |
|
Date: |
Tue, 29 Feb 2000 11:57:25 +0000 |
> I don't understand that !!!
> We can download from all around the world netscape navigator and internet
> explorer which include also SSL encryption. That is fine. But it is not
> possible to find a similar compiled binary version of lynx with SSL. Where is
> the logic ?
>
OpenSSL, which lynx uses, lacks the limitations that netscape and IE have to
only do 40 bits to most sites. Only specially authorised sites get 128 bits
and this allows one to export within the export regulations. Get a few hundred
PCs or small amount of time on a SP2 and 40 bits is useless. A few properly
programmed FPGAs can easily scan the key space an order of magnitude faster
than software, and will quickly exhaust the key space. (Free SP2 time is not
hard to get as a CS postgrad.)
FYI apparently the 40 bit brain damage even applies to the avialable US
versions of IE and netscape, so even in the US your secrets are not safe. No
version of lynx-SSL or cryptozilla features this brain damage---point your
browser at a SSL test page and see what it says you are using.
--
Duncan (-:
"software industry, the: unique industry where selling substandard goods is
legal and you can charge extra for fixing the problems."