ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: S/MIME winz

1998-03-10 08:56:42
from [William H. Geiger III] [Permanent Link] 
In <199803101452(_dot_)JAA02986(_at_)argon(_dot_)ncsc(_dot_)mil>, on 03/10/98 
   at 09:52 AM, dpkemp(_at_)missi(_dot_)ncsc(_dot_)mil (David P. Kemp) said:


You obviously haven't been following S/MIME any more closely than Warmly
Padgett.  Not only have MUST requirements for RSA/RC4 been dropped (RC2
is already public), but MUST requirements for DSA/3DES have been added.



Both S/MIME users and PGP users will be able to switch to free
algorithms, and there is no interoperability problem between users who
switch and those who don't (as long as they use standard-compliant
software).



I'll grant that PGP users may be more intellectually motivated to switch
quickly.  PGP, Inc can speak to whether they intend to coerce users into
switching by dropping support for optional algorithms.



<sigh> you are missing the point. The fact that RSA/RC4 has been droped is
irrelevant. If you implementation only uses DH/DSS and everyone else is
using RSA then who are you going to talk to? If all the users of Netscape,
Outlook, Lotus Notes, ...ect all use RSA keys how is your DH/DSS
implementation going to communicate with them?? Remember communication is
a two way street. If the "big players" add DH/DSS support so they can read
you messages but you still can't process the RSA messages that you
receive, what then?

I would imagine that the majority of S/MIME implementations are based on
RSADSI's BSafe. In my phone conversations with RSADSI last week they made
it plain in no uncertian terms that they will *not* be supporting these
unencumbered algorithms and their position is that DH/DSS is "untested"
and "insecure" (Their basic position is if it's not from RSADSI it's not
"secure").

Has Verisign made any offical position that they will even certify
anything other than RSA?

The simple fact is that if PGP, Inc. had not made the push for DH/DSS no
significant portion of PGP users would be using it.

-- 
---------------------------------------------------------------
William H. Geiger III  http://users.invweb.net/~whgiii
Geiger Consulting    Cooking With Warp 4.0

Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 2.6.3a at: http://users.invweb.net/~whgiii/esecure.html                
        
---------------------------------------------------------------
 
Tag-O-Matic: PATH=C:\DOS;C:\DOS\RUN;C:\WIN\CRASH\DOS;C:\ME\DEL\WIN

Attachment: pgpMVzJDoYZMD.pgp
Description: PGP signature

[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: RFC 2015 problems, William H. Geiger III
Next by Date:  Re: Algorithm questions, William H. Geiger III
Previous by Thread:  Re: S/MIME winz, David P. Kemp
Next by Thread:  Re: S/MIME winz, Dave Crocker
Indexes:  [Date] [Thread] [Top] [All Lists]