256-bit does not require ANSSI permission anymore
Since the decret 2007-663 of May 2nd, 2007, 256-bit does not need specific authorization anymore. Cryptologic methods are now free of use.Before that date, the situation was:
256-bit was not free of use, it abided to supply and importation restriction rules.
See here: http://www.ssi.gouv.fr/fr/reglementation/regl_crypto.html
The free use means that users can use it without any particular procedure.
Before that, it was useful to configure OpenSSL software with a Cipher chain deactivating 256-bit (exclusion of exclusion de !AES256-SHA:!DHE-RSA-AES256-SHA)
Example:
SSLCipherSuite HIGH:-AES:MEDIUM:LOW:EXPORT:!EDH:!ADH:!DSS:!EXPORT56:@STRENGTH:+3DES:+DES
Last edited on 06/18/2015 07:37:26 --- [search]