[3703] in cryptography@c2.net mail archive
Re: Wassenaar vs. CipherSaber
daemon@ATHENA.MIT.EDU (Jim Gillogly)
Fri Dec 4 19:25:08 1998
Date: Fri, 04 Dec 1998 15:22:42 -0800
From: Jim Gillogly <jim@acm.org>
Reply-To: jim@acm.org
To: cryptography@c2.net
Steve Bellovin writes (regarding http://ciphersaber.gurus.com):
> I'm glad the site is up, but for many purposes it solves the wrong problem.
> Encryption algorithms are easy to write, or even to type in or scan from
> printed programs. But what's interesting is easy-to-use crypto, or
> crypto that can interoperate. Remember that most of PGP is *not*
> crypto algorithms.
Point well taken. However, the problem Ciphersaber solves is making
sure people who really need to communicate securely can do so without
having to get a serious cryptographer involved. Perhaps the <real>
contribution is that it teaches people how easy it can be and thus
how silly the export restrictions are. While it's true that encryption
algorithms are easy to write, they are also <very> easy to write wrong,
and having a good bite-sized implementation with verification helps to
alleviate that problem.
I would dearly love to see a bite-sized implementation that really solves
the world-wide secure communications problem by offering transparent
strong encryption. Perhaps the holy grail would be a page describing a
Netscape plug-in that would magically make its mail transparently secure.
Failing that, how about the long-awaited OpenPGP plug-in for Netscape mail?
--
Jim Gillogly
Trewesday, 14 Foreyule S.R. 1998, 23:14
12.19.5.13.7, 6 Manik 20 Ceh, Sixth Lord of Night
