From: “Perry E. Metzger” <perry@piermont.com>
To: Bill Stewart <stewarts@ix.netcom.com>
Message Hash: f8573db7d32887e083258b2d8a3992b5feafa2a63024acab996b5baadbc2e5fd
Message ID: <199602191921.OAA07056@jekyll.piermont.com>
Reply To: <199602181745.JAA08925@ix5.ix.netcom.com>
UTC Datetime: 1996-02-19 20:35:20 UTC
Raw Date: Tue, 20 Feb 1996 04:35:20 +0800
From: "Perry E. Metzger" <perry@piermont.com>
Date: Tue, 20 Feb 1996 04:35:20 +0800
To: Bill Stewart <stewarts@ix.netcom.com>
Subject: Re: Some thoughts on the Chinese Net
In-Reply-To: <199602181745.JAA08925@ix5.ix.netcom.com>
Message-ID: <199602191921.OAA07056@jekyll.piermont.com>
MIME-Version: 1.0
Content-Type: text/plain
Bill Stewart writes:
> >They could use no stock software, and they would grind every machine
> >in the country to its knees doing the signatures. RSA signatures
> >aren't cheap.
>
> Could you use IPv6 / IPSP authentication to do the job?
Yes, they could. (Its IPSEC these days, by the way).
However, again, I don't think it will do them much good, especially
since forcing people to deploy strong cryptography everywhere isn't
in their best interests. They could try only doing the AH part of the
protocol, of course, but even then, using forged, stolen, or otherwise
ingenuine credentials isn't that hard. Crypto isn't a panacea, and if
you can't trust both endpoints its hard to trust the crypto itself...
Perry
Return to February 1996
Return to ““Perry E. Metzger” <perry@piermont.com>”