-----BEGIN PGP SIGNED MESSAGE----- "Kipp E.B. Hickman" <kipp@warp.mcom.com> writes:
In article <9412111620.AA41983@eldamar.walker.org>, [Amanda Walker] writes:
It is also tied directly to the RSA certification hierarchy. Now, for those of us who have X.509 certificates rooted in the RSA Commercial Certification authority, that's fine, but it also means that any other WWW client that wishes to interoperate with Netscape's "secure servers" must license TIPEM from RSA Data Security, and consequently pay RSA's rather high royalties, unless the software is free (in which case RSAREF can be
used).
This serves as a direct barrier to competition from other commercial vendors. This is not all bad--I happen to like RSADSI's products and technology--but promoting a transport-level security system instead of an end-to-end one is to my mind simply irresponsible.
This is an outright lie. We don't use TIPEM. You could build a conformant SSL implementation using RSAREF and the freeware IDEA cipher code.
What about the certification aspect? Would servers be forced to pay for an RSA key certification? This was a point I raised in my comments on SSL. PEM's reliance on the RSA-based certification hierarchy has at least slowed its progress if not doomed it altogether. I understand that Netscape clients will embed certain Certification Authority keys and use them to validate signed server keys. Does this also mean that only RSA-approved CA's will be allowed? What if some CA in some other country not covered by RSA patents came into operation? Would your relationships with RSA still allow you to embed non-RSA- approved CA keys? I would hope so. RSA is both respected and mistrusted in the crypto community, so you wouldn't want to tie yourselves too closely to them. Have you heard of the "web of trust" concept implemented by PGP? This allows users to designate chosen individuals as trusted key signers and to authenticate keys on that basis. It is non-hierarchical and decentralized. (There is also plenty of bad blood between RSA and PGP.) Will you be able to support decentralized authentication models like this? I hope this is something you will explore. (I have no financial interests in any of these companies or protocols!) Hal Finney -----BEGIN PGP SIGNATURE----- Version: 2.6 iQBVAwUBLuzMQRnMLJtOy9MBAQEoyQH8CvFo2PzdB7fzn5TDSW52mZFpuu2HIt9d YazndhCPcE349CxumMzwmrE9tVA9e/toEIysfSwcjubW1rOXX7Wrxw== =189c -----END PGP SIGNATURE-----