At 10:29 PM 9/29/95 -0700, Christopher Allen <ChristopherA@consensus.com> wrote:
5) S/MIME - real S/MIME compliance requires support for RC2 as well as publicly available algorithms, though this is really just an X.509 handler. I've been working on getting RC2/RC4 in object-only exportable size key
At 3:22 PM 9/27/95, Bill Stewart wrote: form from RSA for RSAREF customers, and Jim Bidzos has agreed in principle. We have to work out details, however.
Sounds good, but having publicly implementable standards would be nicer; licensable patented code is enough of a hassle, without having standards that have *trade secrets* built into them. RC2 as an option is fine; RC2 as a mandatory part of a conforming implementation is pretty tacky.
6) It's a lot of work - well, yeah, it is. And I'm lazy. Is there enough related code in SSLeay to steal to help implement it?
Actually, it turns out that the latest RIPEM has certificate chains, Web of Trust, and really just about everything I want, except perhaps user-friendly GUIs, which could be added easily enough. I haven't yet sorted out which parts are in the export-approved RIPEM-SIG and which parts are only in RIPEM2.1, but it's a pretty straightforward job. (Now to go scrounge some disk space!) The RIPEM code is all public-domain, and uses RSAREF for its crypto, so exporting the non-RSAREF parts is copyright/patent clean, and maybe it can be possible to put together a CJ-able version of the new stuff so it can gain legitimacy after having been exported for months :-) #--- # Thanks; Bill # Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com # Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281 #---