Re: Draft of workshop notes

Scott Hollenbeck (hollenbe@east.xsis.xerox.com)
Fri, 8 Mar 1996 03:45:59 PST

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Previous message: Raph Levien: "Re: Draft of workshop notes"

On Thu, 7 Mar 1996 17:43:42 PST  Raph Levien wrote:
>Mr. Housley,
>
>   I agree that algorithm replacement is a worthy goal, but it is a
>separate criterion from the ones I've proposed.
>
>   I do not think you understand my "Interoperable implies Secure"
>criterion. It refers to the security of the weakest algorithm specified
>for use with the protocol. Although it is pretty clear that you and I
>disagree on whether it's a useful criterion, I still do not see why
>there should be any grounds for disagreement on which +'s and -'s to
>fill in. If the minimum algorithm is secure, it gets a +. If not, then
>not. PGP's minimum algorithm is RSA and IDEA, which at 128 bits, no key
>escrow, and publicly available documentation, clearly rates a +. MSP's
>minimum algorithm (that I know of) is Fortezza, which rates a - at best,
>for reasons I've explained above.

MSP has no "minimum" algorithm -- while existing implementations use
Fortezza, the protocol is algorithm independent.  Maybe this is hair
splitting, but I think it's important to be able to disassociate MSP
and Fortezza.

==================================================
Scott A. Hollenbeck (hollenbe@east.xsis.xerox.com)
Manager, Software Systems Engineering
Xerox Special Information Systems
1901 North Moore Street, Lower Lobby, Suite 5
Arlington, Virginia, USA 22209
(703) 284-3865
==================================================

Previous message: Raph Levien: "Re: Draft of workshop notes"