It's amazing what you can find by searching the forum first.
Users on this forum have a very naive and rudimentary perspective on security. Most people here have some absurd idea that encryption cipher strength is everything. Realistically, 128bits is MORE than enough for data transfers.
Leaving your oh-so important encryption aside, think about how many other ways the security of your server can be compromised. Once you've taken care of the other problems, you can come back and worry about encryption cipher strength.
if you can't read the posts, they basically all say the same thing. ioftpd uses the microsoft cryptography api, instead of ssl, because it better integrates with the i/o system used by ioftpd.
key limits in that api are a microsoft limitation, but said key limits don't affect the security of the file transfer.
ok... i just thought it would be good no problem with that.. to the search te forum prob... there are REALLY many threads with ssl in it and this thread wasnt sarted as an stand-alone