[1101] in cryptography@c2.net mail archive
RSA publishes RC2 for IETF Review
daemon@ATHENA.MIT.EDU (Vin McLellan)
Fri Jun 27 14:57:36 1997
Date: Fri, 27 Jun 1997 12:38:10 -0500
To: cryptography@c2.net
From: Vin McLellan <vin@shore.net>
<bigger>
RSA Data Security Publishes RC2(R) Specification in IETF Forum</bigger>
08:17 a.m. Jun 27, 1997 Eastern=20
REDWOOD CITY, Calif., June 27 /PRNewswire/ -- In a move to promote
broad acceptance of a single standard for electronic messaging, RSA
Data Security, Inc., a wholly-owned subsidiary of Security Dynamics
Technologies, Inc. (Nasdaq: SDTI), today announced that it has
published a description of its RC2(R) encryption algorithm for
evaluation by the Internet Engineering Task Force (IETF). The
published description of RC2 allows developers working in the IETF to
scrutinize the algorithm as part of the process to establish S/MIME(TM)
as a standard for electronic messaging. The RC2 algorithm is a
critical component of this standard because it provides for message
privacy and interoperability between domestic and export versions of
products using S/MIME.=20
Developed in 1987 by cryptography pioneer Ron Rivest, inventor of the
RSA public key cryptosystem, RC2 is in widespread use in a number of
commercial software packages, including Lotus Notes, Microsoft Windows,
Internet Explorer and Netscape Communication's Navigator and
Communicator. RSA will continue to license RC2 in a variety of RSA
security toolkits, including BSAFE and SMAIL, as a method of providing
flexible data privacy.=20
RC2's flexibility lets vendors tailor the level of security in their
products, allowing them to use long encryption keys where permitted, or
to meet federal constraints on key size for exportable applications.=20
In addition, applications that utilize RC2 for privacy enjoy
accelerated export approval from the federal government.=20
S/MIME is considered the de facto standard for interoperable, secure
e-mail and is used by major vendors, including Microsoft, IBM, Netscape
Communications and VeriSign, Inc. S/MIME allows vendors to develop
interoperable RSA-based security for electronic messaging products, so
that an S/MIME message composed and encrypted on one vendor's
application can be decrypted on another. S/MIME is based on a
combination of the standard MIME specification and the intervendor
Public Key Cryptography Standards (PKCS), one of the most widely
implemented suite of commercial cryptographic standards in the U.S.=20
"The worldwide deployment of secure, interoperable e-mail can be
accelerated by the use of single standard, such as S/MIME, which has
already gained the endorsement of many of the industry's leading
vendors of e-mail and messaging products," said Jim Bidzos, president
of RSA. "By publishing the description of RC2, we are facilitating the
IETF's approval of S/MIME as the industry's preferred solution for
protecting sensitive e-mail communications."=20
"RSA is pleased to make its intellectual property available to the IETF
in support of standards," added Steve Dusse, chief technology officer
of RSA.=20
"The Internet Mail Consortium is pleased to be involved in making
S/MIME an open standard in the IETF," said Paul Hoffman, director of
the Internet Mail Consortium (IMC) and a co-author of the S/MIME draft.
"RSA's move to publish the RC2 description will help accelerate the
standardization process and benefit the entire Internet mail community
and the many vendors already committed to S/MIME."=20
To help assure the performance of e-mail products designed to the
S/MIME specification, RSA is currently sponsoring a third round of
Internet-based interoperability testing at the S/MIME Interoperability
Center,
<<<underline><color><param>0000,0000,FEFE</param>http://www.rsa.com/rsa/S</c=
olor></underline>><underline><color><param>0000,0000,FEFE</param>http://www.=
rsa.com/rsa/S-MIME/html/interop_center.html.</color></underline>
To date, eight e-mail products, including Netscape's Communicator,
=46rontier Technologies' Intranet Genie, ConnectSoft's E-mail Connection,
Deming Software's Secure Messenger Entrust, NEL's Mahobin, OpenSoft's
Express Mail, and freeware Premail, have earned the S/MIME-certified
logo. Companies participating in RSA's current round of
interoperability testing include, Baltimore Technologies, Ltd.,
Microsoft Corporation, NTT Electronics Technology Corp., and SSE, Ltd.
While originally proposed as a standard for secure, interoperable
e-mail, vendors have recently begun to evaluate S/MIME as the basis for
creating other Internet-based secure messaging applications such as
Electronic Data Interchange (EDI) and military communications. Earlier
this year, the CommerceNet Consortium selected S/MIME as the primary
technology for its EDI Over the Internet initiative.=20
RSA is also working closely with a number of vendors and the U.S.
government to incorporate S/MIME into the Defense Messaging System
(DMS). The blueprint, expected later this summer, is designed to allow
the government to use off-the-shelf electronic messaging software,
reducing government costs and expanding the market for vendors.=20
Vin McLellan + The Privacy Guild + <<vin@shore.net>
53 Nichols St., Chelsea, MA 02150 USA <<617> 884-5548
-- <<@><<@> --
