IPSP and Netscape

Kipp E.B. Hickman kipp at warp.mcom.com
Tue Dec 13 11:05:44 PST 1994


On Dec 13,  2:00pm, Adam Shostack wrote:
> Subject: Re: IPSP and Netscape
> Kipp wrote:
>
> | IPSP was not in my vocabulary at the time of the first posting. Ignorance
> | was briefly bliss :^)
>
> 	My, this is a _tasty_ burger.
>
> | However, regardless of whether or not extant hardware is reusable,
> | there is still the not so small matter of software. Software for PC's,
> | MAC's and a host of UNIX machines before a workable secure network can
> | be constructed. It is a good thing that IPSP requires only software to
> | meet it's goals. This same property is true of SSL.
> |
> | Finally, I never said that "SSL is better than anything out there". I
> | don't know who did. All I said is that "SSL is something", which isn't
> | really saying much. SSL is A solution to A set of problems, namely
> | privacy and authentication.
>
> 	I'm not sure I understand.  Could you explain what you mean by
> privacy, and how it is maintained by SSL?  (My question, obviously, is
> informed by Hal's recent comments on privacy.)

SSL provides "channel" privacy. The two endpoints which are communicating can
be ensured of three basic properties:

  1. You are certain who you are talking to (server authentication)
  2. Your conversation with the server is private (privacy using encryption)
  3. Your conversation cannot be interfered with (data integrity)

That is all SSL does. MIME multipart encoding used on documents can provide
deeper encryption, tamper-proof document storage, etc. There are up and coming
standards for these actions.



-- 
---------------------------------------------------------------------
Kipp E.B. Hickman          Netscape Communications Corp.
kipp at mcom.com              http://www.mcom.com/people/kipp/index.html








More information about the cypherpunks-legacy mailing list