Re: SSL Regulations and Laws

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hi...

> Of course, the other option is to have a java applet downloaded onto the
However, this method has got two main drawbacks: - - virtually any "security-aware-user" will immediately disallow the execution   of any applet / script code et al.
- - the remainder of the few who trust the server all the same will most often   be cut off due to the incompatibilities linked to java awt/swing applet   stuff

Beyond those issues the risk of using not-well-secured applets (it's not an easy task to do that right - most of the tries I saw failed) heavily outweighs the "security boost" you gain from a 40 bit to 128 bit upgrade.

• From my point of view using script or any other executable code for web-based applications, especially for "security-aware" apps, is *NEVER* an option.

Kind regards

Ingo Struck

• --- ingo@ingostruck.de Use PGP: http://ingostruck.de/ingostruck.gpg with fingerprint C700 9951 E759 1594 0807 5BBF 8508 AF92 19AA 3D24 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.0 (GNU/Linux)

iD8DBQE/HERihQivkhmqPSQRAmvMAKCsmB4NDcor9WOI27LtibLWyInZNwCggjes T3a5TFDwI5LgTppzNfJkdnk=
=hnj+
-----END PGP SIGNATURE----- Received on Mon Jul 21 16:38:09 2003

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek