From: geeman@best.com
Date: Thu, 28 Nov 1996 09:10:01 -0800 (PST)
To: ben@algroup.co.uk
Subject: Re: SAFEPASSAGE BRINGS STRONG CRYPTO TO WEB BROWSERS WORLDWIDE
Message-ID: <3.0.32.19961128085237.0069afc0@best.com>
MIME-Version: 1.0
Content-Type: text/plain


At 07:12 AM 11/27/96 +0000, you wrote:
.....etc
Can you be more specific?
What are the vulnerabilities you are aware of?

>I've never seen a security review of SSLeay, and if anyone gave it a clean
bill
>of health, they didn't have their eye on the ball. Note, I'm not knocking
>SSLeay here, it is a wonderful lump of code, but it hasn't been written with
>security in mind (IMHO).
>
>Cheers,
>
>Ben.
>
>-- 
>Ben Laurie                Phone: +44 (181) 994 6435  Email: ben@algroup.co.uk
>Freelance Consultant and  Fax:   +44 (181) 994 6472
>Technical Director        URL: http://www.algroup.co.uk/Apache-SSL
>A.L. Digital Ltd,         Apache Group member (http://www.apache.org)
>London, England.          Apache-SSL author
>
>