Perry E. Metzger wrote:
Jeff Weinstein writes:
Any possibility that Netscape might build in some form of cryptography? I realize ITAR rules would make this problematic, but perhaps some sort of out-of-country deal for putting in the hooks for PGPhone could be done.
The internet phone software is coming from one of the companies that we are acquiring. This is one obvious application of SSL that I will be looking into after the merger is complete.
1) I strongly suggest that SSL is *not* in its current form the right technology, because internet phone type tools probably use UDP, not TCP.
I guess that is what I get for posting when too tired. Certainly the current SSL won't work for UDP based protocols. Either we will have to make a UDP version of SSL or use some existing protocol that gets the job done. Since our acquisition is not complete I haven't really had an opportunity to talk to the streaming media guys yet...
2) I strongly hope that Netscape tries to move the product towards standards based mechanisms like the IETF's RTP protocol, which are in widespread use, rather than pushing yet more proprietary systems. Proprietary is bad in this instance. I believe, by the way, that several existing RTP implementations have encryption in them.
Here is a quote from a recent press release - "The Netscape LiveMedia framework will be based on the Internet Realtime Transport Protocol (RTP), RFC number 1889...". The full release can be found at: http://home.netscape.com/newsref/pr/newsrelease81.html I believe that the current product (which was developed by a company that we are acquiring) will be migrated to RTP as soon as we can do it. --Jeff -- Jeff Weinstein - Electronic Munitions Specialist Netscape Communication Corporation jsw@netscape.com - http://home.netscape.com/people/jsw Any opinions expressed above are mine.