-----BEGIN PGP SIGNED MESSAGE-----
In <199801010258(_dot_)SAA07113(_at_)itech(_dot_)terisa(_dot_)com>, on 12/31/97
at 07:00 PM, EKR <ekr(_at_)terisa(_dot_)com> said:
In message <v03102805b0d08d63c7cc(_at_)[208(_dot_)129(_dot_)55(_dot_)202]>,
Steve Schear writes:
At 2:25 PM -0800 12/31/97, EKR wrote:
Will Price <wprice(_at_)pgp(_dot_)com> writes:
At 11:15 PM -0800 12/30/97, Eric Rescorla wrote:
[big snip]
Try to solve the following two examples:
Netscape and Microsoft. Netscape has downloads off their web site.
They want them to be easy. That means that the user can just
point and click. That means the crypto must be exportable or none
at all. Which do you suggest?
Next consider Microsoft. They embed their browser in the OS (at
least for now.). They want to ship that to foreigners. Again,
the crypto has to be exportable or nonexistent. Which do you
suggest?
So, what do you suggest these companies do?
How about funding programs such as Fortify, which patch browsers to enable 128
-bit SSL with all willing servers (whether or not they have supercerts)?
That seems like a fine plan, but it doesn't really speak to what Netscape
ships as a Netscape product, does it?
We still talking crypto code ??? Sorry couldn't resist <G>.
There is no reason why Netscape, MS, ... etc could not interface their
crypto code through a generic plugin interface. They the provide the
specific plug-in they wish to ship for their crypto code. If someone
wished to replace it they would be free to do so. If the plugin interface
can be used for other things than crypto this would bypass the "crypto
with a hole" concerns.
Just as an interesting side note one can not to this date DL a 128 SSL
version of the OS/2 Netscape browser. It takes next to an act of GOD to
aquire one (how much of this is due to NS and how much this is due to IBM
is anyone's guess).
A rather sad state of afairs when one must aquire a 128bit browser via
replay.com even when one is located in the US.
- --
- ---------------------------------------------------------------
William H. Geiger III http://users.invweb.net/~whgiii
Geiger Consulting Cooking With Warp 4.0
Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 2.6.3a at: http://users.invweb.net/~whgiii/pgpmr2.html
- ---------------------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a-sha1
Charset: cp850
Comment: Registered_User_E-Secure_v1.1b1_ES000000
iQCVAwUBNKsT+o9Co1n+aLhhAQEcDgQAu2W3HHjM5Bj/Acr68bndHHir42EnLMY3
V2Pt5qzs1Evb1wOS1Cj3uKooG2dLaVrh+fzxye8iFBSv32aSWIRzEXfluk9Fks0W
182XSq14AhpxKAFOb/c7QEw4Z0PRQaRUXGaCgXbSuQTF1CFOtnF1A6Ff7WK6p/4S
eSo3ajB907c=
=54Gw
-----END PGP SIGNATURE-----