From: "Perry E. Metzger" <perry@piermont.com>
Date: Sat, 27 Jul 1996 13:19:04 +0800
To: frantz@netcom.com (Bill Frantz)
Subject: Re: Usenet Conference on Security
In-Reply-To: <199607262252.PAA03209@netcom8.netcom.com>
Message-ID: <199607270034.UAA24175@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



Bill Frantz writes:
> While the Department of Justice guy (whose name slips my mind) was saying 4
> horsemen over and over (really an oversimplification of his position), Data
> Fellows Ltd., Paivantaite 8, FIN-02210 ESPOO, Finland
> (http://www.datafellows.com) was in the vendor area offering strong crypto
> products with the line in one of their handouts, "This is orders of
> magnitude more security than DES-based or US products that are under the US
> ITAR export restrictions."  In talking with them I didn't smell any snake
> oil.

As an aside, the stuff Datafellows is selling is, I believe, a
commercial version of SSH, which is very good stuff. Its a full
replacement for the whole berkeley "r" utilities using strong crypto
(public key and conventional) for authentication and privacy. Does
rlogin, rsh, redirects X sessions, slices and dices, etc. Really
spiffy.

(SSH suffers from a few minor flaws, but they will likely be corrected
in the future; the only thing that worries me about it is that it is
very large and thus hard to fully analyse, but it looks good enough
that I've been using it day to day for many many months for all my
medium security work.)

Perry