Home > Archive > Java Security > March 2004 > SSL encryption limitations?
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
SSL encryption limitations?
|
|
| Matthijs Blaas 2004-03-19, 8:55 pm |
| Hi,
Is it true that it isn't allowed to use the tripple DES & MD5 encryption
scheme in SSL outside the USA?
I want to make an secure connection between an applet I wrote and an
webservice, but someone told me I could only use a 40 bit key algorithm
(which may be pretty insecure?) Could anyone clear things up for me?
Thanks in advance!
Matthijs
| |
| nobody 2004-03-19, 8:55 pm |
|
> Is it true that it isn't allowed to use the tripple DES & MD5 encryption
> scheme in SSL outside the USA?
> I want to make an secure connection between an applet I wrote and an
> webservice, but someone told me I could only use a 40 bit key algorithm
> (which may be pretty insecure?) Could anyone clear things up for me?
>
Used to be you couldn't export such encryption software without a
special license. That has been lifted, but there are regulations
requiring notification, etc. for some classes of high encryption. You
can read about the current U.S. laws here:
http://www.bxa.doc.gov/Encryption/regs.htm
|
|
|
|
|