THUS SPAKE "Kipp E.B. Hickman" <kipp@warp.mcom.com>: # FYI: # # If you haven't already, I suggest you take a look at the SSL spec # (http://home.mcom.com/info/SSL.html) [ carbon to cypherpunks, whom i think would be interested] i've been looking at that. It seems that a special port has to be allocated for each TCP service. So it's not clear to me how to find out if others on the net offer SMTP with SSL, or how I can put SSL into my X11 clients & server. You see what I'm getting at? It also looks like some heavy equipment is necessary to manage these RSA certficiates. Is there anything like PGP's keyring management for manipulating my web-of-trust? Where do I find the docs? # It does what you are trying to accomplish (I think), and it is already deployed # in production code (the Netscape client and server products). In addition, we # announced this week a free (for non-commerical use) reference implementation. # The code will be out on the net as soon as the lawyers are happy :-) aha ... that's the missing link. I'd certainly like to add it to the protocols that SKRONK advertizes and negotiates, but doing my own implementation of these complex protocols, and building machinery for using non-PGP certificates, was way more than I could handle. Please beat your lawyers to a pulp, until they make it useful for us. If I can't create generally useful things with it, and share it with thousands of others on the net for free, it's not going to be used by the cypherpunk community. I recommend you put your reference implementation in the public domain (except for the RSAREF component). Or take Matt Blaze's crypto offerings from AT&T as your model. best regards, strick