[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: rc2 export limits..



-----BEGIN PGP SIGNED MESSAGE-----

[email protected] wrote:

> However, the usual guidelines for systems like RC2 and RC4 is
> 40-bit keys, and RSA keys up to 512 bits for encrypting
> session keys and 1024 bits for signatures

Can you list a source for the 1024-bit signature restriction?  I know
about the 40-bit RC2/RC4 and 512-bit public encryption keys because they
are specifically addressed in the State Dept's "Procedure for Submitting
a Commodity Jurisdiction Request for a Mass Market Software Product that
Contains Encryption".  However, digital signatures are not mentioned in
this procedure.  I can't image what justificication could be used to
restrict the strength of digital signatures.

Kent

- ------------------------------------------------------------
Puffer & CryptaPix available from http://execpc.com/~kbriggs
- ------------------------------------------------------------
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMi2o9SoZzwIn1bdtAQEBoAF+PjxvtAuPUnlMr9UGoIYhjgjPQ0Bs0GeE
5077GFz/pASkMfFvsh5uO6I9BBtpGMpI
=P92s
-----END PGP SIGNATURE-----