From: Jeff Weinstein <jsw@netscape.com>
Date: Tue, 23 Jul 1996 20:09:51 +0800
To: Lucky Green <shamrock@netcom.com>
Subject: Re: Netscape
In-Reply-To: <v02120d1dae1a1186fd2e@[192.0.2.1]>
Message-ID: <31F48BF4.4F2E@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain


Lucky Green wrote:
> 
> At 13:38 7/22/96, Tom Weinstein wrote:
> 
> >Yes, and that's what we're trying to do.  Get strong crypto in the hands
> >of as many people as we can.  I can hardly wait until we get S/MIME in.
> 
> What will Netscape do to about the 40bit RC-2 default and the signatures on
> the outside of the encryption envelope design flaws in S/MIME? I can't
> imagine Netscape releasing software that has these two properties.

  If you know that the recipient can read a message encrypted with
3DES, IDEA, or RC2-128, then you can send the message using one of
these strong algorithms.  Given that you need someones public key
to send them a message, there are several obvious ways to transmit
information about what algorithms they accept along with it.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.