Pantek Library
Hosting Provided By
CybrHost
High Speed Hosting
Mailing Lists: securityfocus.com > webappsec > 03 > 070929.html (Request Expert securityfocus.com Support)

Re: SSL Regulations and Laws

From: George W. Capehart <gwc(at)capehassoc.com>
Date: Mon Jul 21 2003 - 13:14:53 EDT

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Monday 21 July 2003 10:59 am, sslquestions@hushmail.com wrote:
> We all know its common best practice to use SSL V3 or TLS 1 and at

See http://www.occ.treas.gov/ftp/bulletin/2002-2.doc

"The Office of the Comptroller of the Currency (OCC) charters, regulates, and supervises national banks to ensure a safe, sound, and competitive banking system that supports the citizens, communities, and economy of the United States." (http://www.occ.treas.gov)

Basically, the OCC is to banks what the SEC is to securities exchanges, except with more power. They set the rules for banks. 2002-2.doc says in part: "Establish a secure Internet session with each consumer using a commercially reasonable security technology that, at a minimum, is equivalent to 128-bit encryption. The secure session must be in place from the time consumers enter their banking information through the time of transmission to the . . . "

See also http://www.occ.treas.gov/ftp/advisory/2002-3.doc for similar rules for Internet-initiated ACH transactions.

Other countries have similar banking rules.

Do you need help?X

Cheers,

George Capehart
- --
George W. Capehart

"With sufficient thrust, pigs fly just fine . . ."

  • RFC 1925
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE/HB+VPhMbfSg3fpARAiQFAKDtyV31garadRfwdya5C/1YeUFiBACfXHl0 2ttMv1h5PFX3Q8DHfsmiNOg=
=pLb+
-----END PGP SIGNATURE----- Received on Mon Jul 21 13:51:56 2003

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:07:53 EDT

Contact Us  Legal Notices  Order Services Online 
Pantek Home  Privacy Policy  IT news  Site Map  Pantek Library