From: "Phil G. Fraering" <pgf@srl.cacs.usl.edu>
Date: Tue, 19 Apr 94 16:04:18 PDT
To: hfinney@shell.portal.com
Subject: Re:  Press Release on Secure NCSA Mosiac
Message-ID: <199404192259.AA17531@srl03.cacs.usl.edu>
MIME-Version: 1.0
Content-Type: text/plain


Another question entirely:

Might it be better just to use some sort of stream cypher that
works by XOR'ing the stream against a large one-time pad where
the used parts are deleted as it goes along? I'm thinking currently
of telnet-level applications or larger-level ones based on telnet
like HTTP (I know, technically there are better descriptions of HTTP
and the like).

It would be easy to pre-distribute the one-time pads via PGP or
RSA. This has the advantage of not locking the whole infrastructure
into a single public key system.

Phil