From: lucifer@dhp.com (Anonymous)
Date: Thu, 28 Nov 1996 17:02:48 -0800 (PST)
To: cypherpunks@toad.com
Subject: Re: SAFEPASSAGE BRINGS STRONG CRYPTO TO WEB BROWSERS WORLDWIDE
In-Reply-To: <9611281907.aa27702@gonzo.ben.algroup.co.uk>
Message-ID: <199611290102.UAA13822@dhp.com>
MIME-Version: 1.0
Content-Type: text/plain


> From: Ben Laurie <ben@gonzo.ben.algroup.co.uk>
> 
> I think I would discuss this with the author before going public, to give
> him the usual opportunity to clean up before all hell breaks loose. However,
> that is what I'd call "work" rather than "fun", so I'd want paying for it.

Translation:  You don't really know what you are talking about.

> My impression is that Eric is more interested in speed and functionality than
> strict security (and considering the incredible vulnerability that is more or
> less inherent in an SSL implementation, I feel the same). I could be wrong, of
> course.

How is any security hole inherent in an SSL implementation?  The
protocol itself may not give you everything you need, but regardless
of whether or not the protocol is useable for any given task (or any
task at all), nothing precludes a secure implementation.