1995-07-20 - Re: Netscape the Big Win

Header Data

From: Adam Shostack <adam@bwh.harvard.edu>
To: hfinney@shell.portal.com (Hal)
Message Hash: 3123006b99a5d5b4c83ea283621e111989646f939ab3e9226318f54c4b461566
Message ID: <199507201556.LAA15191@bwh.harvard.edu>
Reply To: <199507201453.HAA19510@jobe.shell.portal.com>
UTC Datetime: 1995-07-20 15:56:27 UTC
Raw Date: Thu, 20 Jul 95 08:56:27 PDT

Raw message

From: Adam Shostack <adam@bwh.harvard.edu>
Date: Thu, 20 Jul 95 08:56:27 PDT
To: hfinney@shell.portal.com (Hal)
Subject: Re: Netscape the Big Win
In-Reply-To: <199507201453.HAA19510@jobe.shell.portal.com>
Message-ID: <199507201556.LAA15191@bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


Hal writes:
| >Among other things, SSL only lets you authenticate to X.509
| >certificate roots that have been issued straight from the hands of Jim

| Unfortunately the main alternative to SSL being pushed now, SHTTP, also
| suffers from RSA-itis.  It will support either PEM or PKCS-7 key
| certificates, so I think ends up being pretty much the same as SSL in
| this regard.

	Actually, it also supports Kerberos (not relevant to most of
us), and PGP messaging.  Although a KCA would be needed before anything
useful came of the PGP support, at least its there.

	However, right now, there are few real alternatives to RSA
based schemes.  Has anyone looked deeply at SLED's procedures for key
authentication?

Adam




Thread