[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: rc2 export limits..
-----BEGIN PGP SIGNED MESSAGE-----
[email protected] wrote:
> However, the usual guidelines for systems like RC2 and RC4 is
> 40-bit keys, and RSA keys up to 512 bits for encrypting
> session keys and 1024 bits for signatures
Can you list a source for the 1024-bit signature restriction? I know
about the 40-bit RC2/RC4 and 512-bit public encryption keys because they
are specifically addressed in the State Dept's "Procedure for Submitting
a Commodity Jurisdiction Request for a Mass Market Software Product that
Contains Encryption". However, digital signatures are not mentioned in
this procedure. I can't image what justificication could be used to
restrict the strength of digital signatures.
Kent
- ------------------------------------------------------------
Puffer & CryptaPix available from http://execpc.com/~kbriggs
- ------------------------------------------------------------
- ---
[This message has been signed by an auto-signing service. A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service
iQBFAwUBMi2o9SoZzwIn1bdtAQEBoAF+PjxvtAuPUnlMr9UGoIYhjgjPQ0Bs0GeE
5077GFz/pASkMfFvsh5uO6I9BBtpGMpI
=P92s
-----END PGP SIGNATURE-----