<div dir="ltr">Actually going from 63 to 64 is a huge jump.<div>The jump in number of bits is only a jump of 1, but the difference in what that number evaluates to be has a larger signicance.</div><div><br></div><div><br></div><div>Regarding Ricks point about something being encrypted suddenly getting called "secure":</div><div>I have a pet peeve with people doing things like this.</div><div>If its encrypted, call it encrypted (preferably with a paranthetical number of bits used) so that people can evealuate for themselves.</div><div>If someone calls it "secure" my answer is "Wanna buy a bridge?"</div><div>If they say its encrypted, Im going to ask how many bit encrypted.</div><div>If its encrypted with 8 bits, Im going to say something very rude (and you KNOW IM GOOD at that!)</div><div>Its its encrypted with 256 of 512, Im going to hold it in better regard.</div><div><br></div><div>Ive tried to find the setting that keeps adding a plug for my anti virus software and cant find the menu that sup[posedly controls this.</div><div>I just stumbeled across something that might work, but its totally different to what websites say to do.</div><div>Lets see if this works.</div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Mar 18, 2019 at 1:51 PM <a href="mailto:paulz@ieee.org">paulz@ieee.org</a> <<a href="mailto:paulz@ieee.org">paulz@ieee.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div><div class="gmail-m_-6800999164707303795ydpab22c9b7yahoo-style-wrap" style="font-family:"Helvetica Neue",Helvetica,Arial,sans-serif;font-size:13px"><div></div>
<div>How many bits make something "secure"? 64 bits was deemed to be "enough" in 2016, but that was 3 years ago. When does the 64 bit requirement need to be increased?<br></div><div><br></div><div>It's hard to get excited about 63 vs 64 bits except as an embarrassment to big companies that should have done better.<br></div><div><br></div>
</div><div id="gmail-m_-6800999164707303795ydp4c96f8a6yahoo_quoted_3485979771" class="gmail-m_-6800999164707303795ydp4c96f8a6yahoo_quoted">
<div style="font-family:"Helvetica Neue",Helvetica,Arial,sans-serif;font-size:13px;color:rgb(38,40,42)">
<div>
On Monday, March 18, 2019, 12:33:29 PM PDT, Deirdre Saoirse Moen <<a href="mailto:deirdre@deirdre.net" target="_blank">deirdre@deirdre.net</a>> wrote:
</div>
<div><br></div>
<div><br></div>
<div><div dir="ltr"><a href="https://arstechnica.com/information-technology/2019/03/godaddy-apple-and-google-goof-results-in-1-million-misissued-certificates/" rel="nofollow" target="_blank">https://arstechnica.com/information-technology/2019/03/godaddy-apple-and-google-goof-results-in-1-million-misissued-certificates/</a><br></div><div dir="ltr"><br></div><div dir="ltr">"The snafu is the result of the companies' misconfiguration of the open source EJBCA software package that many browser-trusted authorities use to generate certificates that secure websites, encrypt email, and digitally sign code. By default, EJBCA generated certificates with 64-bit serial numbers, in keeping, it seemed, with an industry mandate that serial numbers contain 64 bits of output from a secure pseudo-random number generator. Upon further scrutiny, engineers discovered that one of the 64 bits must be a fixed value to ensure the serial number is a positive integer. As a result, the EJBCA default produced a serial number with 63 bits of entropy.”<br></div><div dir="ltr"><br></div><div dir="ltr">Deirdre’s note: unsigned ints are a thing y’all.<br></div><div dir="ltr"><br></div><div dir="ltr">Deirdre<br></div><div dir="ltr"><br></div><div dir="ltr"><br></div><div dir="ltr"><br></div><div dir="ltr">_______________________________________________<br></div><div dir="ltr">conspire mailing list<br></div><div dir="ltr"><a href="mailto:conspire@linuxmafia.com" rel="nofollow" target="_blank">conspire@linuxmafia.com</a><br></div><div dir="ltr"><a href="http://linuxmafia.com/mailman/listinfo/conspire" rel="nofollow" target="_blank">http://linuxmafia.com/mailman/listinfo/conspire</a><br></div></div>
</div>
</div></div>_______________________________________________<br>
conspire mailing list<br>
<a href="mailto:conspire@linuxmafia.com" target="_blank">conspire@linuxmafia.com</a><br>
<a href="http://linuxmafia.com/mailman/listinfo/conspire" rel="noreferrer" target="_blank">http://linuxmafia.com/mailman/listinfo/conspire</a><br>
</blockquote></div><br clear="all"><div><br></div>-- <br><div dir="ltr" class="gmail_signature"><br>R "Texx" Woodworth<br>Sysadmin, E-Postmaster, IT Molewhacker<br>"Face down, 9 edge 1st, roadkill on the information superdata highway..."<br></div>