[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Public key crypto
- Date: Fri, 10 Jan 1997 17:31:11 -0800 (PST)
- From: davidk@ISI.EDU
- Subject: Re: Public key crypto
Jeff,
> Jeff Williams writes :
>
> I attempted to make this point some time earlier (See archives), at
> great length.
We are all aware of the fact that you try to point out anything in great
length even when it was said before ... ;-).
It might have been nice if you could have come up with an alternative
this time then.
> It seems that there is a missconception as to the use
> of certain Authentication mechinisms, PGP in particular. Key lengths
> will not allow PGP to be used for commercial perposes outside the
> US and Canada for export. I don't know how many times I have pointed
> this out and where to find the information... Oh well...
Why aren't we then a little bit more creative ?!? I am sure that we can
come up with other schemes or mechanisms to make sure that we can use a
secure transaction mechanism. We could move the whole repository outside
the US with software that is made outside the US since import of
encryption software is allowed ... We could try to find authentication
(we don't need encryption) software that is created outside the US ... We
could use other mechanisms that are less secure but can do the job
(example: a token exchange or an ACK message mechanism).
This doesn't change anything about the mechanisms as discussed on this
list. It doesn't matter that much if you use a public PGP key, public
OUTSIDE_THE_US_PRODUCED key, a token or an ACK mail address. May be we
need to support even more then one mechanism to allow participation of
all countries.
David K.
---