[528] in WWW Security List Archive
Re: SSL etc
daemon@ATHENA.MIT.EDU (Bryan J. Ischo)
Fri Mar 17 20:45:16 1995
Date: Fri, 17 Mar 1995 17:18:03 -0500 (EST)
From: "Bryan J. Ischo" <bi04+@andrew.cmu.edu>
To: www-security@ns2.rutgers.edu
In-Reply-To: <199503171209.HAA01682@ns2.rutgers.edu>
Errors-To: owner-www-security@ns2.rutgers.edu
Excerpts from mail: 17-Mar-95 Re: SSL etc by smb@research.att.com
> One important point about SSL is that it is not purely limited
> to WWW. I will be implementing SSL for SMTP conversations some
> time in the next couple of months. I am actually trying to
> find out what port people would wish that I used.
>
> This is also a disadvantage, in that the same functionality is being
> standardized at a different layer, to wit the IP security stuff.
I would think that this is actually an advantage. Once this
Internet standard IP level security stuff comes along, none of the
protocols above the SSL security layer need to change. The SSL layer
just drops out, and everything remains the same above the SSL layer. In
this way NO new protocols other than SSL need to be introduced while
we're waiting for IP security, and all of the existing protocols
continue to be relevant after that point.
Bryan
