1995-09-20 - Re: netscape’s response

Header Data

From: “Jeff Weinstein” <jsw@netscape.com>
To: sameer <sameer@c2.org>
Message Hash: 6dc3836ecd65509469b3ddbc9c9c42d4f9d06a38ce31442596ef11af563da96f
Message ID: <9509200254.ZM206@tofuhut>
Reply To: <199509200825.BAA18996@infinity.c2.org>
UTC Datetime: 1995-09-20 09:58:26 UTC
Raw Date: Wed, 20 Sep 95 02:58:26 PDT

Raw message

From: "Jeff Weinstein" <jsw@netscape.com>
Date: Wed, 20 Sep 95 02:58:26 PDT
To: sameer <sameer@c2.org>
Subject: Re: netscape's response
In-Reply-To: <199509200825.BAA18996@infinity.c2.org>
Message-ID: <9509200254.ZM206@tofuhut>
MIME-Version: 1.0
Content-Type: text/plain


On Sep 20,  1:25am, sameer wrote:
> Subject: Re: netscape's response
> > but someone who is trained in computer
> > security and cryptography implementation should *know* to check these
> > things.
> 
> 	Upon consideration, I am going to retract this statement-- I
> suppose you can't check -everything-. (I still blame Netscape for
> shoddy crypto in the first place, just not Jeff in particular)

  It turns out that Taher Elgamal and I started working here within
a week of each other, about 6 months ago.  Neither of us thought to
take a serious look at the RNG seed code.  I don't think that anyone
would accuse Taher of being an amateur in this area.

  I for one just didn't think about it enough to realize that while
we got the RNG code from RSA, they did not provide seed code.

  As for my background, I am not a trained cryptographer, but I do
understand protocols, did some internet security work as a sysadmin
while in school, and have had a casual interest in crypto stuff
for several years.  If you want the gory details see my web page...

	--Jeff


-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.

Thread

• Return to September 1995

• Return to “Christian Wettergren <cwe@Csli.Stanford.EDU>”
• Return to “iagoldbe@csclub.uwaterloo.ca (Ian Goldberg)”
• Return to ““Jeff Weinstein” <jsw@netscape.com>”
• Return to “Jiri Baum <jirib@cs.monash.edu.au>”
• Return to “jsw@neon.netscape.com (Jeff Weinstein)”
• Return to “paul@poboy.b17c.ingr.com (Paul Robichaux)”
• Return to ““Perry E. Metzger” <perry@piermont.com>”

• Return to “sameer <sameer@c2.org>”

• 1995-09-19 (Tue, 19 Sep 95 16:09:49 PDT) - netscape’s response - sameer <sameer@c2.org>
  • 1995-09-20 (Tue, 19 Sep 95 22:53:59 PDT) - Re: netscape’s response - jsw@neon.netscape.com (Jeff Weinstein)
    • 1995-09-20 (Wed, 20 Sep 95 00:29:33 PDT) - Re: netscape’s response - Christian Wettergren <cwe@Csli.Stanford.EDU>
      • 1995-09-20 (Wed, 20 Sep 95 01:42:47 PDT) - Re: netscape’s response - “Jeff Weinstein” <jsw@netscape.com>
      • 1995-09-21 (Wed, 20 Sep 95 21:23:36 PDT) - Exchange random numbers (was: Re: netscape’s response) - Jiri Baum <jirib@cs.monash.edu.au>
    • 1995-09-20 (Wed, 20 Sep 95 00:45:44 PDT) - Re: netscape’s response - sameer <sameer@c2.org>
    • 1995-09-20 (Wed, 20 Sep 95 01:17:15 PDT) - Re: netscape’s response - sameer <sameer@c2.org>
      • 1995-09-20 (Wed, 20 Sep 95 01:31:04 PDT) - Re: netscape’s response - sameer <sameer@c2.org>
        • 1995-09-20 (Wed, 20 Sep 95 02:58:26 PDT) - Re: netscape’s response - “Jeff Weinstein” <jsw@netscape.com>
          • 1995-09-20 (Wed, 20 Sep 95 07:37:07 PDT) - Re: netscape’s response - “Perry E. Metzger” <perry@piermont.com>
      • 1995-09-20 (Wed, 20 Sep 95 02:52:20 PDT) - Re: netscape’s response - “Jeff Weinstein” <jsw@netscape.com>
      • 1995-09-20 (Wed, 20 Sep 95 14:56:33 PDT) - Re: netscape’s response - iagoldbe@csclub.uwaterloo.ca (Ian Goldberg)
    • 1995-09-20 (Wed, 20 Sep 95 05:50:38 PDT) - Re: netscape’s response - paul@poboy.b17c.ingr.com (Paul Robichaux)