From: strick@techwood.org
Date: Wed, 8 Feb 95 10:52:26 PST
To: "Kipp E.B. Hickman" <kipp@warp.mcom.com>
Subject: Re: skronk
In-Reply-To: <9502080951.ZM27700@warp.mcom.com>
Message-ID: <199502081852.KAA01719@gwarn.versant.com>
MIME-Version: 1.0
Content-Type: text/plain


THUS SPAKE "Kipp E.B. Hickman" <kipp@warp.mcom.com>:
# FYI:
# 
# If you haven't already, I suggest you take a look at the SSL spec
# (http://home.mcom.com/info/SSL.html)

[ carbon to cypherpunks, whom i think would be interested]

i've been looking at that.  

It seems that a special port has to be allocated for each TCP service.
So it's not clear to me how to find out if others on the net offer SMTP
with SSL, or how I can put SSL into my X11 clients & server.  You see
what I'm getting at?

It also looks like some heavy equipment is necessary to manage these
RSA certficiates.  Is there anything like PGP's keyring management for
manipulating my web-of-trust?  Where do I find the docs?

# It does what you are trying to accomplish (I think), and it is already deployed
# in production code (the Netscape client and server products). In addition, we
# announced this week a free (for non-commerical use) reference implementation.
# The code will be out on the net as soon as the lawyers are happy :-)

aha ... that's the missing link.  I'd certainly like to add it to the
protocols that SKRONK advertizes and negotiates, but doing my own
implementation of these complex protocols, and building machinery for
using non-PGP certificates, was way more than I could handle.

Please beat your lawyers to a pulp, until they make it useful for us.
If I can't create generally useful things with it, and share it with
thousands of others on the net for free, it's not going to be used by
the cypherpunk community.

I recommend you put your reference implementation in the public domain
(except for the RSAREF component).  Or take Matt Blaze's crypto
offerings from AT&T as your model.  


		best regards, strick