[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Public key crypto
- Date: Fri, 10 Jan 1997 19:46:19 +0000
- From: Jeff Williams <jwkckid1@ix.netcom.com>
- Subject: Re: Public key crypto
David,
davidk@isi.edu wrote:
>
> Jeff,
>
> > Jeff Williams writes :
> >
> > I attempted to make this point some time earlier (See archives), at
> > great length.
>
> We are all aware of the fact that you try to point out anything in great
> length even when it was said before ... ;-).
>
> It might have been nice if you could have come up with an alternative
> this time then.
>
> > It seems that there is a missconception as to the use
> > of certain Authentication mechinisms, PGP in particular. Key lengths
> > will not allow PGP to be used for commercial perposes outside the
> > US and Canada for export. I don't know how many times I have pointed
> > this out and where to find the information... Oh well...
>
> Why aren't we then a little bit more creative ?!? I am sure that we can
> come up with other schemes or mechanisms to make sure that we can use a
> secure transaction mechanism. We could move the whole repository outside
> the US with software that is made outside the US since import of
> encryption software is allowed ... We could try to find authentication
> (we don't need encryption) software that is created outside the US ... We
> could use other mechanisms that are less secure but can do the job
> (example: a token exchange or an ACK message mechanism).
An ACK mechanism could definatly be used, but provides for nearly no
protection fro the registries. My guess is that many potential
registries
would not take responsibilty for any damage that might be incurred with
just
a ACK mechinism, or refuse to use that mechanism at all. If it is to be
made "Manditory" by CORE or IAHC, than many users would not be serviced
in the sense of a "GOOD PUBLIC SERVICE", and we certainly wouldn't want
that, now would we?
>
> This doesn't change anything about the mechanisms as discussed on this
> list. It doesn't matter that much if you use a public PGP key, public
> OUTSIDE_THE_US_PRODUCED key, a token or an ACK mail address. May be we
> need to support even more then one mechanism to allow participation of
> all countries.
I would say that we do need to support more than one mechanism, or
look to the lowest possible denominator that also provides good
security.
Regards,
--
Jeffrey A. Williams
DIR. Internet Network Eng/SR. Java Development Eng.
Information Eng. Group.
Phone :972-447-1878
E-Mail jwkckid1@ix.netcom.com