1995-09-21 - Netscape is doing well – give ‘em a break.

Header Data

From: John Gilmore <gnu@toad.com>
To: cypherpunks, gnu
Message Hash: 9e836d68998735665329e926976e02f18684d46d809281b47f58a7de29420e44
Message ID: <9509210552.AA07852@toad.com>
Reply To: <199509202041.NAA07036@comsec.com>
UTC Datetime: 1995-09-21 05:52:27 UTC
Raw Date: Wed, 20 Sep 95 22:52:27 PDT

Raw message

From: John Gilmore <gnu@toad.com>
Date: Wed, 20 Sep 95 22:52:27 PDT
To: cypherpunks, gnu
Subject: Netscape is doing well -- give 'em a break.
In-Reply-To: <199509202041.NAA07036@comsec.com>
Message-ID: <9509210552.AA07852@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


> > around at the time that this code was being written.  I must admit that
> > the RNG seed code was not an area that I thought to examine when I took
> > over our security library.
> 
> 	I don't know what your background is, so don't take this as a
> personal attack please, but someone who is trained in computer
> security and cryptography implementation should *know* to check these
> things. Hell, even I would check those things, and I'm not a
> cryptographer by any means.

Hey folks, lighten up!  

Netscape is to be commended for even *putting* crypto into their
product!  Of course the first version is going to have a few screwups;
they're in a fast market and things must be done in a hurry.  But they
are showing a real committment to securing Internet privacy and
commerce -- with real algorithms and without key escrow.  They hired a
real cryptographer, and their security programmer is a cypherpunk.
They've told the world they will put the real "domestic" version out
for public use.  This is a step that a very small number of companies
even bother with; most don't even have a high-security unexportable
version.  They're combing the net for better random number algorithms.
We could do a lot worse!

Cygnus' Kerberos faced the same random-seed problems and punted in
similar ways.  Our random numbers are derived from the time and the
PID and etc.  You can read the sources to see.  Ted Ts'O claims it is
harder to exploit them because they're mixed in (with DES encryption)
with a secret key, either the Kerberos database's master key on the
server, or the session key from the ticket on the client.  But I
haven't done a full blown security analysis of this scheme.  I was too
busy trying to productize it on eight platforms, write real
documentation, do customer support, and make it run on the *^*&%&&#
Macintosh.  I did have it marked in my mind as something to look at
"when I had the time".  If you-all have the time, hey, go for it!
Might as well look at the one in MIT K5, since that's the development
tree from which all future Kerberoses will come.

All progress is by steps.  Let's step on each others' shoulders, not
on each others' toes.  Netscape is doing us a favor by pushing strong
crypto.  We are doing them a favor by pointing out problems before
they cause major losses to Netscape customers.  The result is higher
security for everyone, and more respect for each other's efforts.  So
kindly show them a little...

	John Gilmore







Thread