In <199803101452.JAA02986@xxxxxxxxxxxxxx>, on 03/10/98 at 09:52 AM,
dpkemp@xxxxxxxxxxxxxx (David P. Kemp) said:

>You obviously haven't been following S/MIME any more closely than Warmly
>Padgett. Not only have MUST requirements for RSA/RC4 been dropped (RC2
>is already public), but MUST requirements for DSA/3DES have been added.
>Both S/MIME users and PGP users will be able to switch to free
>algorithms, and there is no interoperability problem between users who
>switch and those who don't (as long as they use standard-compliant
>software).

>I'll grant that PGP users may be more intellectually motivated to switch
>quickly. PGP, Inc can speak to whether they intend to coerce users into
>switching by dropping support for optional algorithms.

<sigh> you are missing the point.

The fact that RSA/RC4 has been dropped is irrelevant. If your implementation only uses DH/DSS and everyone else is using RSA then who are you going to talk to? If all the users of Netscape, Outlook, Lotus Notes, etc. all use RSA keys how is your DH/DSS implementation going to communicate with them??

Remember communication is a two way street. If the "big players" add DH/DSS support so they can read your messages but you still can't process the RSA messages that you receive, what then?

I would imagine that the majority of S/MIME implementations are based on RSADSI's BSafe. In my phone conversations with RSADSI last week they made it plain in no uncertain terms that they will *not* be supporting these unencumbered algorithms and their position is that DH/DSS is "untested" and "insecure" (Their basic position is if it's not from RSADSI it's not "secure").

Has Verisign made any official position that they will even certify anything other than RSA?

The simple fact is that if PGP, Inc. had not made the push for DH/DSS no significant portion of PGP users would be using it.

--
---------------------------------------------------------------
William H. Geiger III  http://users.invweb.net/~whgiii
Geiger Consulting    Cooking With Warp 4.0

Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 2.6.3a at: http://users.invweb.net/~whgiii/esecure.html
---------------------------------------------------------------

Tag-O-Matic: PATH=C:\DOS;C:\DOS\RUN;C:\WIN\CRASH\DOS;C:\ME\DEL\WIN