1995-11-30 - Re: Netscape gives in to key escrow

Header Data

From: Ray Cromwell <rjc@clark.net>
To: tcmay@got.net (Timothy C. May)
Message Hash: 5bfc85a670c52aecd0788c63c5b8c6f26b7bb8663ab790f6110f27a82d49619f
Message ID: <199511300918.EAA13821@clark.net>
Reply To: <ace2ae070a021004a5e9@[205.199.118.202]>
UTC Datetime: 1995-11-30 09:29:36 UTC
Raw Date: Thu, 30 Nov 1995 17:29:36 +0800

Raw message

From: Ray Cromwell <rjc@clark.net>
Date: Thu, 30 Nov 1995 17:29:36 +0800
To: tcmay@got.net (Timothy C. May)
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <ace2ae070a021004a5e9@[205.199.118.202]>
Message-ID: <199511300918.EAA13821@clark.net>
MIME-Version: 1.0
Content-Type: text/plain



  What's the point? Surely Clark must realize that even if Netscape
adds key escrow to SSL/Secure Courier, it is still possible to tunnel
real encryption through that link thus thwarting the escrow system.
In fact, this is the perfect job for Java:

1) Client connects to server thru insecure key-escrow channel and downloads
Java applet
2) Java applet opens new connection to server using "invincible" security
as Clark puts it, and performs add transactions on this channel. In fact,
in the future, a large number of "forms" will be Java applets which
submit information back to the server themselves.

  And what about IPSEC ESP? Even if the application layer is weak,
the link layer can more than make up for it.

  Now, Netscape has momentum, and if they set a key-escrow standard, there
is a chance of it being adopted widely. However, Java applets and IPSEC
can still make transactions through an insecure netscape payment/encryption
channel.

  The genie is out of the bottle.

-Ray

Thread

• Return to November 1995

• Return to December 1995

• Return to “Adam Shostack <adam@lighthouse.homeport.org>”
• Return to “Brad Dolan <bdolan@use.usit.net>”
• Return to “Brian Davis <bdavis@thepoint.net>”
• Return to “Jay Holovacs <holovacs@styx.ios.com>”
• Return to ““Perry E. Metzger” <perry@piermont.com>”
• Return to “Ray Cromwell <rjc@clark.net>”
• Return to “s1113645@tesla.cc.uottawa.ca”

• Return to “tcmay@got.net (Timothy C. May)”

• 1995-11-30 (Thu, 30 Nov 1995 17:03:02 +0800) - Re: Netscape gives in to key escrow - tcmay@got.net (Timothy C. May)
  • 1995-11-30 (Thu, 30 Nov 1995 17:29:36 +0800) - Re: Netscape gives in to key escrow - Ray Cromwell <rjc@clark.net>
  • 1995-11-30 (Thu, 30 Nov 1995 21:52:39 +0800) - Re: Netscape gives in to key escrow - Jay Holovacs <holovacs@styx.ios.com>
    • 1995-11-30 (Fri, 1 Dec 1995 00:26:02 +0800) - [Rant!] Death by praise Re: Netscape gives in to key escrow - s1113645@tesla.cc.uottawa.ca
    • 1995-11-30 (Fri, 1 Dec 1995 02:54:32 +0800) - Re: Netscape gives in to key escrow - “Perry E. Metzger” <perry@piermont.com>
    • 1995-12-01 (Fri, 1 Dec 1995 12:47:27 +0800) - Re: Netscape gives in to key escrow - Adam Shostack <adam@lighthouse.homeport.org>
      • 1995-12-01 (Fri, 1 Dec 1995 22:12:47 +0800) - Re: Netscape gives in to key escrow - Brian Davis <bdavis@thepoint.net>
        • 1995-12-01 (Sat, 2 Dec 1995 03:06:05 +0800) - Re: Netscape gives in to key escrow - Adam Shostack <adam@lighthouse.homeport.org>
          • 1995-12-01 (Sat, 2 Dec 1995 02:15:48 +0800) - Re: Netscape gives in to key escrow - Brian Davis <bdavis@thepoint.net>
        • 1995-12-01 (Sat, 2 Dec 1995 04:00:15 +0800) - I Agree buttons, GAKzilla & liability. - s1113645@tesla.cc.uottawa.ca
          • 1995-12-01 (Sat, 2 Dec 1995 02:09:53 +0800) - Re: I Agree buttons, GAKzilla & liability. - Brian Davis <bdavis@thepoint.net>
          • 1995-12-01 (Sat, 2 Dec 1995 03:01:10 +0800) - Re: I Agree buttons, GAKzilla & liability. - Brad Dolan <bdolan@use.usit.net>