Re[3]: [Exim] OT: TLS encryption strength

トップ ページ
このメッセージを削除
このメッセージに返信
著者: Richard Welty
日付:  
To: exim-users
題目: Re[3]: [Exim] OT: TLS encryption strength
On Mon, 10 Mar 2003 09:16:20 +0000 Giuliano Gavazzi <eximlists@???> wrote:
> I was just concerned about password protection. I hope RC4
> vulnerability still requires a pretty determined person and that the
> tools to break it do not come shrink-wrapped off the shelves.


for an extremely short transaction, there's not much text to attack.

i don't recall the details of the RC4 vulnerabilities off hand, except in
the context of WEP, where numerous design issues got botched, massively
weakening the crypto.

if you can get it to do 3DES, you're better off, but i'd not get panicky
about RC4 in this context.

richard
--
Richard Welty                                         rwelty@???
Averill Park Networking                                         518-573-7592
              Unix, Linux, IP Network Engineering, Security