Re: N$ SSL vs M$ PCT

• To: a-davem@ac.tandem.com (maracchini_dave), www-security@ns2.rutgers.edu
• Subject: Re: N$ SSL vs M$ PCT
• From: "Bob Denny" <rdenny@netcom.com>
• Date: Sun, 8 Oct 1995 20:50:10 -0700
• In-Reply-To: a-davem@ac.tandem.com (maracchini_dave) "RE: N$ SSL vs M$ PCT" (Oct 5, 10:09)
• References: <9510051709.AA12011@aladdin.ac.tandem.com>

On Oct 5, 10:09, maracchini_dave wrote:
> Subject: RE: N$ SSL vs M$ PCT
> 
> Virtually ALL protocols proposed for use in protecting commerce on the
> Internet (e.g., S-HTTP) have holes have holes large enough to drive a truck
> through PRECISLY because they do not limit key use to a specific purpose.

As a participant in building an S-HTTP-capable server, I have to take 
exception to the above. S-HTTP can indeed selectively encrypt. In contrast to 
link-level encryption protocols like SSL and PCT, S-HTTP is designed to 
selectively encrypt, sign, and/or encrypt and sign individual "documents". The 
documents do not have to be HTML documents, they can be anything. Like packets 
containing financial information. S-HTTP has the ability to negotiate keys and 
crypt-opts at a fine-grain level.  Both in-band and out-of-band keys are 
supported. 

Also, in my opinion, it is unfair to describe a security system as having 
"holes large enough to drive a truck through" without posting the support for 
that. Quantitative support. We have a lot of newcomers to the net now, and we 
should not treat them to scare tactics like this.

  -- Bob

• RE: N$ SSL vs M$ PCT
• From: a-davem@ac.tandem.com (maracchini_dave)

• Previous: Requirements document update.
• Next: Re: N$ SSL vs M$ PCT
• Index(es):
  • Index
  • Thread