From: "Perry E. Metzger" <perry@piermont.com>
Date: Thu, 22 Aug 1996 05:19:44 +0800
To: "Erik E. Fair" (Time Keeper) <fair@cesium.clock.org>
Subject: Re: Securing Internet mail at the MTA level
In-Reply-To: <v02140b24ae3fa8d7849e@[17.255.9.110]>
Message-ID: <199608211506.LAA16055@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain



"Erik E. Fair" writes:
> SSH, while a quite useful tool, is not the right long-term solution for
> transport layer security - IP security is.

Agreed. (After all, I'm one of the creators of the spec, so how
couldn't I agree :) However, SSH is a neat hack for today -- I use it
for connecting over the net to machines where I can't hack the
operating system but can drop SSH on. An SSH like interface (actually,
Berkeley r-command like interface) will still be needed into the
future, btw.

> It's also clear to me that for E-mail, you don't want transport level
> security for the system; you want "object" security, that is, digital
> signature and encryption of the mail message.

Yup. This is a frequently missed point. Link security and object
security have different uses at different times -- and people confuse
them way too often.

Perry