1995-07-13 - Re: Crisis Overload (re Electronic Racketeering)

Header Data

From: Tatu Ylonen <ylo@cs.hut.fi>
To: tcmay@sensemedia.net
Message Hash: b0b4ee1ef0d851dbe3545150f3498c8d9442d633e0662ef5e734bd8036d347d6
Message ID: <199507132215.BAA17628@shadows.cs.hut.fi>
Reply To: <ac2aab2c0b021004b5fe@[205.199.118.202]>
UTC Datetime: 1995-07-13 22:15:12 UTC
Raw Date: Thu, 13 Jul 95 15:15:12 PDT

Raw message

From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Thu, 13 Jul 95 15:15:12 PDT
To: tcmay@sensemedia.net
Subject: Re: Crisis Overload (re Electronic Racketeering)
In-Reply-To: <ac2aab2c0b021004b5fe@[205.199.118.202]>
Message-ID: <199507132215.BAA17628@shadows.cs.hut.fi>
MIME-Version: 1.0
Content-Type: text/plain


One motivation behind SSH is trying to make it a de-facto standard
replacement for rlogin and rsh.  That would make it very hard to
replace.  It provides important benefits in authentication and
protection against intruders - and as a side effect it provides hard
to break encryption for anyone.  Plus, it was created and is primarily
distributed *outside* the United States, in a country where none of
the algorithms are patented.  It can thus be openly available for
anyone, and is not limited by US export restrictions.  It currently
includes two algorithms that I know to be patented: RSA and IDEA.
IDEA can be eliminated from it without breaking compability if it
turns out necessary (and, several sources say that non-commercial use
of IDEA is permitted).  RSA is not patented anywhere but in the US,
and there it may be possible for most people to get away by using
RSAREF.

There is more information at http://www.cs.hut.fi/ssh.  The RFC
describes the protocol.

The current list of distribution sites includes:
   ftp.funet.fi:/pub/unix/security
   ftp.unit.no:/pub/unix/security 
   ftp.net.ohio-state.edu:/pub/security/ssh 
   ftp.kiae.su:/unix/crypto 
   ftp.cs.hut.fi/pub/ssh 

More sites are welcome.

    Tatu Ylonen <ylo@cs.hut.fi>





Thread