What RSA & Netscape have to offer
-----BEGIN PGP SIGNED MESSAGE----- Hi, While the list is busy knocking PGP for not doing the "right thing" or being the "first ones to blink" I though I would share with the list what some of the "big boys" are doing for the spread of "Strong Crypto to the Masses". Below is from the most current S/MIME draft "draft-dusse-smime-msg-05" dated 19-Oct-1997: 2.6 ContentEncryptionAlgorithmIdentifier Receiving agents MUST support decryption using the RC2 [RC2] or a compatible algorithm at a key size of 40 bits, hereinafter called "RC2/40". Receiving agents SHOULD support decryption using DES EDE3 CBC, hereinafter called "tripleDES" [3DES] [DES]. Sending agents SHOULD support encryption with RC2/40 and tripleDES. I think that when taking pot-shots at PGP, Inc. and Phil Zimmerman one should look at what the alternatives are and who are really are friends here. IMNSHO companies like RSA, Netscape, Microsoft, Verisign, et al, who would sell us all out if it improved their bottom lines do not qualify. - -- - --------------------------------------------------------------- William H. Geiger III http://www.amaranth.com/~whgiii Geiger Consulting Cooking With Warp 4.0 Author of E-Secure - PGP Front End for MR/2 Ice PGP & MR/2 the only way for secure e-mail. OS/2 PGP 2.6.3a at: http://www.amaranth.com/~whgiii/pgpmr2.html - --------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: 2.6.3a Charset: cp850 Comment: Registered_User_E-Secure_v1.1b1_ES000000 iQCVAwUBNE8Iqo9Co1n+aLhhAQGWswP+MnvOCL1EoURWpEPt23I/UIuRWBovby8d AxZS3N8/exnI2M3kDCC2mTUWmvaKdsUnwErnXCQ9nQTDa9B+2VUBlijtkC+nsTV8 Vuv484AU51havdyttE87YMDXx8LSkdWnGXLs8TpjrRXiDZlxPJWIif3haK1hC5kg I3VmdwaZc/4= =7Fan -----END PGP SIGNATURE-----
At 1:19 AM -0700 10/23/97, William H. Geiger III wrote:
While the list is busy knocking PGP for not doing the "right thing" or being the "first ones to blink" I though I would share with the list what some of the "big boys" are doing for the spread of "Strong Crypto to the Masses". Below is from the most current S/MIME draft "draft-dusse-smime-msg-05" dated 19-Oct-1997: ... I think that when taking pot-shots at PGP, Inc. and Phil Zimmerman one should look at what the alternatives are and who are really are friends here. IMNSHO companies like RSA, Netscape, Microsoft, Verisign, et al, who would sell us all out if it improved their bottom lines do not qualify.
The consistent theme of the Cyphepunks contributors, modulo the noise and insults and general fun over the past 5 years, has been to call a spade a spade. That is, regardless of what the alternatives may be, we call them as we see them. Weaknesses are weaknesses. Science dictates what we say. "But Bad Option B is even worse than Bad Option A, so we should support Bad Option A" is not very compelling to most of us. That other companies may also be preparting GAK or GMR or deliberately weakened ciphers is hardly news. Big Brother is leaning on companies in many ways, ranging from threats of lawsuits, to antitrust actions, to denial of export permits, to dangling lucrative contracts. And the alternatives, for us as users, are not necessarily PGP for Business 5.5 vs. Netscape for Security Departments vs. Internet Explorer for Fascists. No, the alternatives are to continue using ciphers with strong cores and long keys. --Tim May The Feds have shown their hand: they want a ban on domestic cryptography ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, ComSec 3DES: 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^2,976,221 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."
participants (2)
-
Tim May -
William H. Geiger III