We thought we could escape from writing the words "Windows 2000" again. But it's a topsy turvy world, and that's a fact - as these three IT security whitepapers, fresh from the Reg Library, show. How to offer the strongest SSL encryption This paper from VeriSign, urges web security pros to get their act together regarding …
Three words: High Encryption Pack.
Used to come on a floppy with original Win2K media, and upgraded the cryptography to 128-bit.
Any Win2K with SP2 upwards would have this integrated anyway.
There's an elephant in the corner, but it's not clicking on the padlock to check certificates.
128-bit is _NOT_ the strongest encryption available, many sites supports 256-bit AES encryption as detailed in RFC 3962 as do modern browsers, sites such as paypal among others support it.
"Verisign's call ... seems sensible enough."
"Verisign's call for websites to protect every SSL session with the strongest encryption available to each site visitor seems sensible enough."
Yeah, considering they're a retailer of SSL certificates. Coincidence, that.
More of the same
-Update your OS / Browser
-Make code simple, no XSS, no extra crap
-Medium businesses are vulnerable too
-And businesses want to sell you crap