[13467] in cryptography@c2.net mail archive
Re: Maybe It's Snake Oil All the Way Down
daemon@ATHENA.MIT.EDU (Rich Salz)
Fri Jun 6 14:48:51 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Wed, 4 Jun 2003 20:09:01 -0400 (EDT)
From: Rich Salz <rsalz@datapower.com>
To: "James A. Donald" <jamesd@echeque.com>
Cc: EKR <ekr@rtfm.com>, Peter Gutmann <pgut001@cs.auckland.ac.nz>,
"bill.stewart@pobox.com" <bill.stewart@pobox.com>,
"cryptography@metzdowd.com" <cryptography@metzdowd.com>,
"cypherpunks@lne.com" <cypherpunks@lne.com>,
"sguthery@mobile-mind.com" <sguthery@mobile-mind.com>
In-Reply-To: <3EDE1D79.8791.1B477836@localhost>
> In attempting to solve the hard problem, it fails to make
> provision for solving the easy problem.
That's a deployment issue, not a technical issue. D-H key exchange, for
example, would be just fine. It just so happens that the SSL creators had
a particular business goal in mind: e-commerce, with a "certificate"
re-assuring the nervous customer that they were handing their credit card
to jcrew.com, not, jscrew.com. Yes, SSL was invented to solve a
particular problem. They did a reasonable job at it.
/r$
--
Rich Salz Chief Security Architect
DataPower Technology http://www.datapower.com
XS40 XML Security Gateway http://www.datapower.com/products/xs40.html
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
