Accepted,
Though bringing up kerberos illustrates the kind of case where iesg could have
been a benefit. The master secret in SSL is 48 bytes, a length that gives no
more security than 128 bits would for the ciphers used but which prevents
embedding the encrypted master secret in the session Id to create. Kerberos
like ticket.
THAT is a case where an IESG hanng on a second could have been a real value.
It took many years to get a fix out for that.
Sent from my GoodLink Wireless Handheld (www.good.com)
-----Original Message-----
From: Sam Hartman [mailto:hartmans-ietf(_at_)mit(_dot_)edu]
Sent: Saturday, December 30, 2006 10:28 AM Pacific Standard Time
To: Hallam-Baker, Phillip
Cc: Michael Thomas; John C Klensin; ietf(_at_)ietf(_dot_)org;
dcrocker(_at_)bbiw(_dot_)net; sob(_at_)harvard(_dot_)edu
Subject: Re: IESG Success Stories
"Hallam-Baker," == Hallam-Baker, Phillip <pbaker(_at_)verisign(_dot_)com>
writes:
Hallam-Baker,> That is empirically not true. At this point we have
Hallam-Baker,> precisely two cryptographic security protocols that
Hallam-Baker,> can be regarded as a success: SSL and WEP. And the
Hallam-Baker,> original design of both was botched.
Sorry, I'd say Kerberos is a success as well as ssh. Both of them
demonstrate the point you're trying to make though.
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf