`"L. Todd Masco"' wrote:
Ah, I knew of the GSSAPI's existence but hadn't realized that its scope included what I wanted. I'll read the draft on the internic and see if it does what I want. If so, the next logical step is to wrap RSAREF in it and to make a PGPish-wraparound.
I'd certainly be up to the former; Would anybody else be interested in ponying up their time and effort for the PGP instance? (The draft is ftpable from ftp.internic.net, /internet-drafts/draft-ietf-cat-gssv2-00.txt)
Ohh, I misinterpreted. You're talking about a high level interface that assumes cryptographic operations are already being used for specific purposes (ie. `signature', `GetMIC', `VerifyMIC', `Wrap', `Unwrap'). I was thinking more about the layer below this, the primitive operations that don't make assumptions on what the user is going to do; and limitations placed thereupon. ps. In the middle of the year I worked on a Radio Show that delved into the PGP and Clipper debarcle, it was titled `Tales from the Crypt'. Subsequently I submitted it for a Government sponsored contest for excellence in technical, science and engineering journalism. I found out yesterday that I've taken out a prize for the best work conducted by someone under the age of 26. There is a certain irony in being awarded the prize by a Government department :-). -- Matthew Gream (sw/hw engineer) <M.Gream@uts.edu.au> (02) 821-2043