[Previous] [Next] [Index]
[Thread]
Re: N$ SSL vs M$ PCT
On Oct 5, 10:09, maracchini_dave wrote:
> Subject: RE: N$ SSL vs M$ PCT
>
> Virtually ALL protocols proposed for use in protecting commerce on the
> Internet (e.g., S-HTTP) have holes have holes large enough to drive a truck
> through PRECISLY because they do not limit key use to a specific purpose.
As a participant in building an S-HTTP-capable server, I have to take
exception to the above. S-HTTP can indeed selectively encrypt. In contrast to
link-level encryption protocols like SSL and PCT, S-HTTP is designed to
selectively encrypt, sign, and/or encrypt and sign individual "documents". The
documents do not have to be HTML documents, they can be anything. Like packets
containing financial information. S-HTTP has the ability to negotiate keys and
crypt-opts at a fine-grain level. Both in-band and out-of-band keys are
supported.
Also, in my opinion, it is unfair to describe a security system as having
"holes large enough to drive a truck through" without posting the support for
that. Quantitative support. We have a lot of newcomers to the net now, and we
should not treat them to scare tactics like this.
-- Bob
References: