IETF Logo Mail Archive

Re: [TLS] RC2 examples

Mike <mike-list@pobox.com> Fri, 30 March 2007 22:36 UTC

Return-path: <tls-bounces@lists.ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HXPho-0008JB-5f; Fri, 30 Mar 2007 18:36:24 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HXPhm-0008Ev-5o for tls@ietf.org; Fri, 30 Mar 2007 18:36:23 -0400
Received: from sceptre.pobox.com ([207.106.133.20]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HXPhk-0007Ji-Vw for tls@ietf.org; Fri, 30 Mar 2007 18:36:22 -0400
Received: from sceptre (localhost.localdomain [127.0.0.1]) by sceptre.pobox.com (Postfix) with ESMTP id 74BD02EF for <tls@ietf.org>; Fri, 30 Mar 2007 18:36:42 -0400 (EDT)
Received: from [192.168.1.8] (wsip-24-234-114-35.lv.lv.cox.net [24.234.114.35]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by sceptre.sasl.smtp.pobox.com (Postfix) with ESMTP id 3F2633BCCE for <tls@ietf.org>; Fri, 30 Mar 2007 18:36:42 -0400 (EDT)
Message-ID: <460D90C3.90200@pobox.com>
Date: Fri, 30 Mar 2007 15:35:47 -0700
From: Mike <mike-list@pobox.com>
User-Agent: Thunderbird 1.5.0.10 (Windows/20070221)
MIME-Version: 1.0
To: tls@ietf.org
Subject: Re: [TLS] RC2 examples
References: <!&!AAAAAAAAAAAYAAAAAAAAALn4DBa9j89Bkul53Jf1ky/CgAAAEAAAAMIJwfPxzDJEnluvuaQoY+gBAAAAAA==@USMedRec.com> <460D3F17.2080109@pobox.com> <!&!AAAAAAAAAAAYAAAAAAAAALn4DBa9j89Bkul53Jf1ky/CgAAAEAAAAHdDNLjXadBPvoT+aFioKpABAAAAAA==@USMedRec.com>
In-Reply-To: <!&!AAAAAAAAAAAYAAAAAAAAALn4DBa9j89Bkul53Jf1ky/CgAAAEAAAAHdDNLjXadBPvoT+aFioKpABAAAAAA==@USMedRec.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Spam-Score: 0.0 (/)
X-Scan-Signature: d17f825e43c9aed4fd65b7edddddec89
Cc:
X-BeenThere: tls@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/tls>
List-Post: <mailto:tls@lists.ietf.org>
List-Help: <mailto:tls-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
Errors-To: tls-bounces@lists.ietf.org

> I'm implementing it so that we can support PKCS files.  PKCS5-RC2-128
> 
> Is this not necessary?  What formats are most CA's returning signed CSR's
> in?

My response was with a TLS mindset.  In TLS, RC2 is used only in 40-bit
EXPORT mode, so it is not secure.  I don't know the status of 128-bit
RC2, although someone else has suggested that it's been broken.  Better
to use something more modern such as AES 128 or even 256.

Mike

_______________________________________________
TLS mailing list
TLS@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls

v2.23.0 | Report a Bug | By Email