[3018] in cryptography@c2.net mail archive
Re: Pseudonymous S/MIME certs?
daemon@ATHENA.MIT.EDU (Enzo Michelangeli)
Tue Jul 21 11:05:13 1998
From: "Enzo Michelangeli" <em@who.net>
To: <cryptography@c2.net>
Date: Tue, 21 Jul 1998 08:37:23 +0800
-----Original Message-----
From: Jeff Weinstein <jsw@netscape.com>
Date: Tuesday, July 21, 1998 3:23 AM
>Enzo Michelangeli wrote:
>> Another question, specifically for Jeff: are there plans for supporting
DSS
>> and DH certificates in Navigator?
>
>Current communicator/navigator supports DSS. We are working on DH, but
>I can't say yet when we will have it in a product.
Actually, my question really meant: "When will we be able to see Navigator
talking to Web servers not using RSA?" Hopefully, before September 20 of the
year 2000 ;-)
I'm not a fan of conspiracy theories, but I noticed a strange reluctance by
vendors to support RSA-free ciphersuites like
SSL_DH_DSS_WITH_3DES_EDE_CBC_SHA or SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA. For
example, a member of the Opera development team told me last June that
changes to their code will take time and "I know that TLS does have a
DH-anon 3DES mandatory cipher, but at the moment I'll just have to be
non-conformant on that point". Of course, lack of support in the popular
browsers translates into a need for RSA-based ciphersuites in server-type
applications, which usually are those where some money is made and royalties
can be collected...
Enzo
