-----BEGIN PGP SIGNED MESSAGE-----

It my personal feeling that Netscape doesn't have the right talent mix to develop secure software. For example, they may well get the RSA parts right, and then store the passphrase in a text file, 'for ease of use.' The RSA is secure, but the system is not secure if usnauthorized people using your machine is a possibility.

Writing secure software is a difficult and tricky buisness that requires a lot of effort; early versions of Mosaic had problems.

Netscape really needs to develop a threat model that allows them to assess the severity of potential problems. It is my guess that they have not done so, although, I'd be pleased to hear I'm wrong.

Everyone's favorite company, First Virtual, seems to have developed a threat model that allows them to offload allmost all risk and security problems to their customers. It may not be a good solution, but at least they have considered how the security of their system intersects the real world. Just integrating RSA does not do that.

This intrigued me, so I checked it out. I didn't see anything about a threat model, but they did have some extensive discussion about their security, including things I found interesting... They call their system "Secure Sockets Layer" (SSL), which appears to be a kind of link-level encryption which they layer below HTTP. This is opposed to SHTTP, which is more MIME-like. They don't seem to think much of SHTTP; their FAQ answers the question "Are there other secure browsers available?" with "Nope; no one else uses SSL at this time." (paraphrased) What's interesting is that they're planning to put NNTP, FTP, etc. on top of SSL as well, allowing for "secure FTP" and "secure news", etc. SSL is supposedly an open standard, and Netscape is pressing for it to become a true standard. Apparently, they've even issued an RFC for it. The full text of the SSL protocol is on their Web site. As for technical issues, they aren't very satisfactory concerning the kind of questions Adam raised; it's mostly about RC4 layered on top of RSA and MD5 hashes sent at this time, etc... The SSL spec contains a section on attacks which seems elementary even to my novice mind. Is there interest in posting the spec? It's in RFC format, but hasn't even been assigned a number yet, so it doesn't appear to be uncopyable, as it were. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBLuiwnjER5KvPRd0NAQGBNAP+PpTRHhzVq+ogPkCUP4vBSYG9ooOnSVOi tOaG+4zQYJa7iPBP11/aODYM9JjlNr8zGBDfKr1SzOI7ntg59C8/aGscc5XvJh5I wE2TxHOqA+OE+AtSy4jDE09yVG/TUZuO69Ig5+v/xJy+XU1nspUoJ02mi5EQo/59 Qq1nDoeKpoE= =vBg6 -----END PGP SIGNATURE-----