On Mon, Mar 25, 2002 at 03:32:08PM -0800, Len Sassaman wrote:
What is most concerning to me is a few discoveries that were made while looking into the problem of widespread use of 1024 bit keys:
Personally I'm not too concerned (yet). You're probably worse off due to implementation flaws. But on a list of things which "should be fixed" for the future: Any RSA implementation using RSARef (which until the patent expired was the only legal way to write RSA implementations in the US) is limited to < 1024 bits. I can think of a few vendors using embedded SSH who still suffer from this problem (Vendor F comes to mind, but their SSH implementation also doesn't work with OpenSSH w/freebsd localisations, so something else is afoot there as well). -- Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/ras PGP Key ID: 0x138EA177 (67 29 D7 BC E8 18 3E DA B2 46 B3 D8 14 36 FE B6)