SSLeay - Whats the story...

Adam Shostack adam at bwh.harvard.edu
Mon Aug 7 14:08:14 PDT 1995



| > As SSL has some intrinsic points of weakness, I don't see the point
| > of sticking to it to secure the TCP layer.
| 
| just wondering but...What are the intrinsic points of weakness?  

	As Bruce Schneier reminded people in his keynote at Defcon,
its easier to steal the keys than to break the cryptosystem.  Web
servers tend to be far too big and bulky to be trusted with
cryptographic keys.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume






More information about the cypherpunks-legacy mailing list