From: Alan Olsen <alano@teleport.com>
To: cypherpunks@toad.com
Message Hash: 33ad0b8fcb92ffec570be9293c28fc6cec3aa75e98a95aa6476bc8e4b9a0b642
Message ID: <2.2.32.19960125090041.008e7488@mail.teleport.com>
Reply To: N/A
UTC Datetime: 1996-01-25 10:19:04 UTC
Raw Date: Thu, 25 Jan 1996 18:19:04 +0800
From: Alan Olsen <alano@teleport.com>
Date: Thu, 25 Jan 1996 18:19:04 +0800
To: cypherpunks@toad.com
Subject: Re: Hack Lotus?
Message-ID: <2.2.32.19960125090041.008e7488@mail.teleport.com>
MIME-Version: 1.0
Content-Type: text/plain
At 01:38 AM 1/25/96 +0000, you wrote:
>I have no doubt that enterprising hackers will be able to hack
>the international version of lotus Notes to make it as secure
>as the domestic version. It is probably just a matter of NOPing
>some code.
>
>The real problem is the 64 bit key in the domestic version. This
>conforms to the NIST "standard" for an exportable system. In other
>words to allow the international people to have almost non-existant
>40 bit security, they have limited domestic users to 64 bit secuity.
>The 64 bits keys must be breakable at least in some sense or the limitation
>would not be in the NIST "standard".
{stuff deleted]
Something just came to mind... What if there is not difference between the
exportable and non-exportable versions? Could it be that they are *both* GAKed?
Maybe I am just being paranoid (or thinking that IBM might just be lazy
enough to push out a single version under two versions), but it is something
that needs to be determined.
Does anyone out there have access to both versions for a comparison?
Alan Olsen -- alano@teleport.com -- Contract Web Design & Instruction
`finger -l alano@teleport.com` for PGP 2.6.2 key
http://www.teleport.com/~alano/
"Is the operating system half NT or half full?"
Return to January 1996
Return to “Alan Olsen <alano@teleport.com>”
1996-01-25 (Thu, 25 Jan 1996 18:19:04 +0800) - Re: Hack Lotus? - Alan Olsen <alano@teleport.com>