Re: info on proposed SSL protocol and Netscape implementation

• To: www-security@ns1.rutgers.edu, zurko@osf.org
• Subject: Re: info on proposed SSL protocol and Netscape implementation
• From: Paul Leach <paulle@microsoft.com>
• Date: Mon, 28 Nov 94 12:15:50 TZ
• Cc: hallam@dxal18.cern.ch
• Reply-To: Paul Leach <paulle@microsoft.com>

----------
| From: Mary Ellen Zurko  <zurko@osf.org>
| To:  <www-security@ns1.rutgers.edu>
| Cc: Me  <zurko@osf.org>;  <hallam@dxal18.cern.ch>
| Subject: Re: info on proposed SSL protocol and Netscape implementation
| Date: Monday, November 28, 1994 12:13PM
|

| Our approach is similar to SSL's, in that the security occurs at the
| transport layer.

Aren't you being a little ambiguous in saying that "security" occurs at 
the transport layer?  Actually, _authentication_ (via ACLs) is done at 
the (RPC) transport layer, and _authorization_ is done at the 
application layer.

Also, I thought that DCE had been shipping with these features for a 
couple of years?

Paul

• Previous: Re: info on proposed SSL protocol and Netscape implementation
• Next: Re: info on proposed SSL protocol and Netscape implementation
• Index(es):
  • Index
  • Thread