[244] in WWW Security List Archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: info on proposed SSL protocol and Netscape implementation

daemon@ATHENA.MIT.EDU (Paul Leach)
Mon Nov 28 23:55:05 1994

From: Paul Leach <paulle@microsoft.com>
To: www-security@ns1.rutgers.edu, zurko@osf.org
Date: Mon, 28 Nov 94 12:15:50 TZ
Cc: hallam@dxal18.cern.ch
Reply-To: Paul Leach <paulle@microsoft.com>

----------
| From: Mary Ellen Zurko  <zurko@osf.org>
| To:  <www-security@ns1.rutgers.edu>
| Cc: Me  <zurko@osf.org>;  <hallam@dxal18.cern.ch>
| Subject: Re: info on proposed SSL protocol and Netscape implementation
| Date: Monday, November 28, 1994 12:13PM
|

| Our approach is similar to SSL's, in that the security occurs at the
| transport layer.

Aren't you being a little ambiguous in saying that "security" occurs at 
the transport layer?  Actually, _authentication_ (via ACLs) is done at 
the (RPC) transport layer, and _authorization_ is done at the 
application layer.

Also, I thought that DCE had been shipping with these features for a 
couple of years?

Paul


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[244] in WWW Security List Archive

Re: info on proposed SSL protocol and Netscape implementation

daemon@ATHENA.MIT.EDU (Paul Leach)Mon Nov 28 23:55:05 1994

daemon@ATHENA.MIT.EDU (Paul Leach)
Mon Nov 28 23:55:05 1994