1995-09-20 - Re: netscape’s response

Header Data

From: “Jeff Weinstein” <jsw@netscape.com>
To: Christian Wettergren <cwe@csli.stanford.edu>
Message Hash: d32360891160ec8c51905fd8a2f1b722c28aff2ef4648df4ce8e4bfdebb79783
Message ID: <9509200139.ZM206@tofuhut>
Reply To: <199509200729.AAA24565@Csli.Stanford.EDU>
UTC Datetime: 1995-09-20 08:42:47 UTC
Raw Date: Wed, 20 Sep 95 01:42:47 PDT

Raw message

From: "Jeff Weinstein" <jsw@netscape.com>
Date: Wed, 20 Sep 95 01:42:47 PDT
To: Christian Wettergren <cwe@csli.stanford.edu>
Subject: Re: netscape's response
In-Reply-To: <199509200729.AAA24565@Csli.Stanford.EDU>
Message-ID: <9509200139.ZM206@tofuhut>
MIME-Version: 1.0
Content-Type: text/plain

On Sep 20, 12:29am, Christian Wettergren wrote:
> Subject: Re: netscape's response
> One wild idea that I just got was to have servers and clients exchange
> random numbers (not seeds of course), in a kind of chaining way. Since
> most viewers connect to a number of servers, and all servers are
> connected to by many clients, they would mix "randomness sources" with
> each other, making it impossible to observe the local environment
> only. And the random values would of course be encrypted under the
> session key, making it impossible to "watch the wire".

  Wow, this is a great idea!!  SSL already sends various encrypted
random values back and forth between client and server, so this
may not be too hard to implement without changing the protocol.
I'll keep it in the back of my mind for when I have some time...


Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.