--envbJBWh7q8WU6mo
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Martin Husemann(martin@duskware.de)@2002.08.29 10:45:29 +0000:
> On Thu, Aug 29, 2002 at 09:12:32AM +0200, Karsten W. Rohrbach wrote:
> > increasing the server's key width imposes a higher processing cost for
> > the initial handshake. efficiency of the cipher used for transit
> > encryption is not directly affected.
>=20
> You are aware that the current default key length already causes ~ 60s in=
itial
> handshake on hardware still in production use? (The Sparc Station 2 used =
as
> a NAT gateway at work, for example.)

wasn't aware about the sparcs, but got several boxes here running on ppc603e
and antique x86 hardware, which my observations are based on.

> So bumping up the default is no good idea. More prominently pointing the =
user
> at the switch may be.

i second that.

> Martin

regards,
/k

--=20
> Booze is the answer. I don't remember the question.
WebMonster Community Project -- Reliable and quick since 1998 -- All on BSD
http://www.webmonster.de/ - ftp://ftp.webmonster.de/ - http://www.rohrbach.=
de/
GnuPG:   0xDEC948A6 D/E BF11 83E8 84A1 F996 68B4  A113 B393 6BF4 DEC9 48A6
REVOKED: 0x2964BF46 D/E 42F9 9FFF 50D4 2F38 DBEE  DF22 3340 4F4E 2964 BF46
REVOKED: 0x4C44DA59 RSA F9 A0 DF 91 74 07 6A 1C  5F 0B E0 6B 4D CD 8C 44
My mail is GnuPG signed - Unsigned ones might be bogus - http://www.gnupg.o=
rg/
Please do not remove my address from To: and Cc: fields in mailing lists. 1=
0x

--envbJBWh7q8WU6mo
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Comment: For info see http://www.gnupg.org

iD8DBQE9beXqs5Nr9N7JSKYRAt54AJ4+/ojYaTTgV4z4fwHr+ayL7iOeUQCeLA70
f2ZES498Y7gS+5PBciFWtDQ=
=rRJY
-----END PGP SIGNATURE-----

--envbJBWh7q8WU6mo--