[684] in cryptography@c2.net mail archive
Re: Full Strength Stronghold 2.0 Released Worldwide
daemon@ATHENA.MIT.EDU (Tom Weinstein)
Mon May 5 13:42:49 1997
Date: Mon, 05 May 1997 09:12:57 -0700
From: Tom Weinstein <tomw@netscape.com>
To: Adam Shostack <adam@homeport.org>
CC: cryptography@c2.net
Adam Shostack wrote:
>
> Tom Weinstein wrote:
>
> | We're not doing this in exchange for permission to export stronger
> | crypto, but because our customers have required it of us. It's not
> | acceptable to most people for the loss of their password to mean
> | that they can't ever read any of their old mail again.
>
> So you won't be putting KR into SSL?
We certainly won't be modifying the protocol for key recovery. In any
case, SSL is now under IETF change control as TLS, and I can't see them
adding it.
We will provide KR for SSL server private keys in the case of a lost
password or corrupted key database.
--
You should only break rules of style if you can | Tom Weinstein
coherently explain what you gain by so doing. | tomw@netscape.com
