Re: N$ SSL vs M$ PCT

• To: rdenny@netcom.com
• Subject: Re: N$ SSL vs M$ PCT
• From: a-davem@ac.tandem.com (maracchini_dave)
• Date: Tue, 10 Oct 95 09:40:43 PDT
• Cc: a-osborn@ac.tandem.com, www-security@ns2.rutgers.edu

	From: "Bob Denny" <rdenny@netcom.com>
	Date: Sun, 8 Oct 1995 20:50:10 -0700
	In-Reply-To: a-davem@ac.tandem.com (maracchini_dave)
	        "RE: N$ SSL vs M$ PCT" (Oct  5, 10:09)

	On Oct 5, 10:09, maracchini_dave wrote:
	> Subject: RE: N$ SSL vs M$ PCT
	> 
	> Virtually ALL protocols proposed for use in protecting commerce on the
	> Internet (e.g., S-HTTP) have holes have holes large enough to drive a truck
	> through PRECISLY because they do not limit key use to a specific purpose.

	As a participant in building an S-HTTP-capable server, I have to take 
	exception to the above. S-HTTP can indeed selectively encrypt. In contrast to 
	link-level encryption protocols like SSL and PCT, S-HTTP is designed to 
	selectively encrypt, sign, and/or encrypt and sign individual "documents". The 
	documents do not have to be HTML documents, they can be anything. Like packets 
	containing financial information. S-HTTP has the ability to negotiate keys and 
	crypt-opts at a fine-grain level.  Both in-band and out-of-band keys are 
	supported. 

	Also, in my opinion, it is unfair to describe a security system as having 
	"holes large enough to drive a truck through" without posting the support for 
	that. Quantitative support. We have a lot of newcomers to the net now, and we 
	should not treat them to scare tactics like this.

	  -- Bob


Your point is well taken. I'll be posting a more comprehensive presentation on this
subject in the near future - and I'll be looking forward to your comments.

Dave

• Previous: Re: N$ SSL vs M$ PCT
• Next: Why Cryptosystems Fail ftp site
• Index(es):
  • Index
  • Thread