1997-01-23 - Re: P.S. David Kahn’s editorial today

Header Data

From: Adam Shostack <adam@homeport.org>
To: Carl Ellison <cme@cybercash.com>
Message Hash: 04b2296c5a75dd056d80cb8c10ce1570f2501251932986f32c6d1179b6989870
Message ID: <199701231429.GAA15847@toad.com>
Reply To: N/A
UTC Datetime: 1997-01-23 14:29:49 UTC
Raw Date: Thu, 23 Jan 1997 06:29:49 -0800 (PST)

Raw message

From: Adam Shostack <adam@homeport.org>
Date: Thu, 23 Jan 1997 06:29:49 -0800 (PST)
To: Carl Ellison <cme@cybercash.com>
Subject: Re: P.S. David Kahn's editorial today
Message-ID: <199701231429.GAA15847@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Carl Ellison wrote:

| I just sent the following P.S. to newsday.com
| 			----------------------
| 
| If I use an AT&T Clipper-style cellular phone, as David suggested, and I
| call you on a normal wired phone, we can't encrypt the conversation and it
| is vulnerable to interception.  The protection works *only* if both parties
| have encrypting phones while interoperate.

	Its worth thinking about multiple layers of protection for a
datastream.  The end to end encryption issue is seperate from the
issue of mobile to base encryption (and mobile to base authentication,
for that matter.)  Compute power is getting cheap enough that doing
both seems roughly feasable to me.

	Multiple protective layers is also nice in an environment
where theres policy checking going on, ie, a firewall.  SSL only gets
plugged through a firewall because it can't be partially unwrapped.  I
can't proxy in any meaningful sense.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume








Thread