[4976] in cryptography@c2.net mail archive
Re: so why is IETF stilling adding DES to protocols? (Re: It's official... DES is History)
daemon@ATHENA.MIT.EDU (William H. Geiger III)
Fri Jun 25 16:21:47 1999
From: "William H. Geiger III" <whgiii@openpgp.net>
Date: Fri, 25 Jun 1999 10:35:10 -0500
To: Ben Laurie <ben@algroup.co.uk>
In-Reply-To: <377366B9.A1D1816A@algroup.co.uk>
Cc: Adam Back <aba@dcs.ex.ac.uk>, rah@shipwright.com, dcsb@ai.mit.edu,
cryptography@c2.net, cypherpunks@cyberpass.net, jis@mit.edu,
mleech@nortel.ca
In <377366B9.A1D1816A@algroup.co.uk>, on 06/25/99
at 12:23 PM, Ben Laurie <ben@algroup.co.uk> said:
>Adam Back wrote:
>> My arguments that adding broken ciphersuites to an IETF standard was
>> in direct and obvious violation of RFC 1984 fell on deaf ears, as
>> Netscape, microsoft and even openSSL (in the form of Ben Laurie)
>> busily rushed and implemented the proposed broken ciphersuites.
>OpenSSL has them disabled by default. But I am torn on this question:
>these new ciphersuites give greater strength than existing ones when
>interopping with export stuff. Is it sensible to refuse to add stronger
>ciphersuites? If it isn't, because they are crap, should we (the OpenSSL
>team) disable _all_ export ciphersuites?
I am *strongly* in favor in disabling all export ciphersuites. There is
just no use for them. Netscrape, Micky$loth, & RSADSI may have no problem
selling false security to their customers, IMHO the OpenSSL group should
be above this.
I really think that a quick end could be brought to the export issue if a
few people overseas sued these companies for fraud.
--
---------------------------------------------------------------
William H. Geiger III http://www.openpgp.net
Geiger Consulting Cooking With Warp 4.0
Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 5.0 at: http://www.openpgp.net/pgp.html
Talk About PGP on IRC EFNet Channel: #pgp Nick: whgiii
Hi Jeff!! :)
---------------------------------------------------------------
