[44742] in Cypherpunks
Re: NIST GAK export meeting, short version
daemon@ATHENA.MIT.EDU (Rich Salz)
Tue Dec 5 19:13:39 1995
From: Rich Salz <rsalz@osf.org>
Date: Tue, 5 Dec 1995 18:49:19 -0500
To: pfarrell@netcom.com
Cc: cypherpunks@toad.com
>_do control_. They hope that the pain of having multiple versions will be
>so high that no vendor will bother, and all we'll have is crippled
>software.
>I think that the real key is for everyone, worldwide to insist on
>both strong crypto and interoperability.
Anything that uses cryptography absolutely and positively *must* support
multiple cryptographic protocols. Tag every RPC, transaction, method
invocation, what-have-you with some indicator that indicates not only
"encrypted" but "encrypted via method 2". Allow customers to specify
policy, at least via an environment variable such as
NETSCAPE_SSL_PROTECTION=1,2,4
where the online documentation says
1 = 512bit RSA
2 = 256bit RSA
4 = Rot 13
Design open, extensible architectures with public registries and protocol
descriptions.
/r$
