[13790] in cryptography@c2.net mail archive


Re: LibTomNet [v0.01]

daemon@ATHENA.MIT.EDU (Ian Grigg)
Tue Jul 8 21:19:07 2003

X-Original-To: cryptography@metzdowd.com
Date: Tue, 08 Jul 2003 20:07:44 -0400
From: Ian Grigg <iang@systemics.com>
Reply-To: iang@systemics.com
To: EKR <ekr@rtfm.com>
Cc: tom st denis <tomstdenis@yahoo.com>, cryptography@metzdowd.com

Eric Rescorla wrote:

> My logic is that if you're going to create something new, it should
> be better than what already exists.

Right.  But better is not a binary choice in real
life.  SSL is only "better" if it exceeds all
requirements when compared against a product
that has only those requirements.

One needs to look at the requirements.  Tom's
requirements didn't include message integrity,
if I saw correctly, because he had something
in there at a higher layer that covered him
there.  That's good.

Does Tom require certs?  No, or *even better*
he explicitly outsourced that requirement to
another layer, thus allowing the protocol to
be simpler.  This is a great thing, and my
reading of the protocol of SSL - from Eric's
book - indicates that SSL would benefit from it

Does he require replay protection?  Is he worried
about MITM?  What about authenticity?  These all
need to be established before you can compare any

The whole world doesn't want or need perfect
channel security.  That's because some parts of
the world have different needs.

