[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re[2]: Current State: An EDIINT Short Status/ Request

To: mgreely@xxxxxxxxxxxxx, ietf-ediint@xxxxxxx
Subject: Re[2]: Current State: An EDIINT Short Status/ Request
From: drummond@xxxxxxxxxx (Rik Drummond)
Date: Wed, 8 May 1996 16:29:27 -0500
Sender: owner-ietf-ediint@xxxxxxx

Marvin, I am confused by your message...let me explain..... (If you don't
think I heard you when you get done reading  this let me know and I will
listen again.)

How are we chasing the latest technology or trying to change the Fed's
rules? We are doing neither in my view.

Technology

      MOSS is a standard with limited implementation. S/MIME is a
product/standard with limited
      implementation. PGP/MIME is a new standard -- a combination of PGP
and MIME.

      Do you believe we should think PGP is good enough for this
effort....is that your point?

     We have until late June to make a "informed decision" -- one which the
group feels is sufficient for our
     EDI needs.

     They all look about the same  in risk and implementation to me at the
moment.  Several of commercial
      vendors are going S/MIME -- I have seen one implementation so far. I
have seen one MOSS EDI
      implementation. I  have not seen any PGP/MIME stuff yet.

Fed Encryption rules

     I assume this is about the discussion generated by David Chia.
David's point was to ensure we cover the
     worldwide view. The responses should have conveyed that we thought the
world view was being
     covered.

I understand your impatience. I would like to get this done also...If we do
not do this joint investigation and consensus gathering process....we will
have companies doing different standards.

We started this in Feb. and will complete it in July....I think five months
is very speedy.

We should have a very detailed matrix to share with the list comparing the
alternatives in a couple of weeks.  This is the matrix we will use select
the primary method and subsequently sell it to the EDI product predicting
firms management (very key point).

Hope that helps.....Stay with us....We are on course and on schedule....It
will resolve -- if it can resolve.

Later...Rik



>     I believe David has a valid point here.  How long are we going to
>     chase the latest technology???  Having spent 3 years doing R&D with
>     the Army as a technology transfer manager some one is always wanting
>     to wait for another month to get the next available process.
>
>     We are not going to change the Fed's encryption rules in the next 9
>     months or the next 18 months I don't think.  We are just not big
>     enough, to swing enough weight for that type of law change.  So lets
>     get back to the requirements that we are bound to today and get
>     something on the market that can be used.
>     In 18 months there will be something new and some of this will have to
>     be done all again.  WE may be doing EDI vis "sockets" from home pages
>     and not sending messages.  The consumer needs something today,  Low
>     cost, easy to use.
>
>     If the user wants to purchase an commercial package it need to be
>     something that can be supported easily today by more than one vendor.
>     If the users wants to do it them self's then the tools to do that need
>     to be easily available.
>
>     At what point are we going to shoot he engineer and ship the product?
>
>     marvin
>
>
>     Marvin D Greely
>     Director EC
>     Prism Information
>
>
>______________________________ Reply Separator
>_________________________________
>Subject: Re: Current State: An EDIINT Short Status/ Request
>Author:  Dave Crocker <dcrocker@brandenburg.com> at INTERNET
>Date:    5/8/96 1:12 PM
>
>
>At 8:56 AM  -0700 5/8/96, Rik Drummond wrote:
>>integrity. We do not solve secrecy. How important is secrecy to the EDI
>>over Internet effort INITIALLY?
>
> To the extent this helps, let me suggest dividing the question into
>two:
>
>1.  How important is it to have "strong" encryption, which incurs export
>problems?
>
>2.  How important is it to have "basic" encryption, which can be exportable
>and is adequate for protection against casual inspection but which will not
>withstand a strong attack by a skilled professional?
>
>d/
>
>ps.  I think the latter is quite viable for many transaction.
>Distinguishing which it is and is not adequate for then becomes the task.
>
>--------------------
>Dave Crocker                                            +1 408 246 8253
>Brandenburg Consulting                             fax: +1 408 249 6205
>675 Spruce Dr.                                 dcrocker@brandenburg.com
>Sunnyvale CA 94086 USA                       http://www.brandenburg.com
>
>Internet Mail Consortium               http://www.imc.org, info@imc.org
>
>

------------------------------------------------------
|         Rik Drummond - The Drummond Group         |
|   5008 Bentwood Ct., Ft. Worth, TX 76132 USA  |
|        Voice: 817 294 7339    Fax: 817 294 7950     |
------------------------------------------------------

Prev by Date: Re: Current State: An EDIINT Short Status/ Request
Next by Date: EDIINT -- International Encryption Issues
Previous by thread: Re: Current State: An EDIINT Short Status/ Request
Next by thread: Re: Current State: An EDIINT Short Status/ Request
Index(es):
- Date
- Thread