From: Adam Shostack <adam@homeport.org>
Date: Thu, 23 Jan 1997 06:29:49 -0800 (PST)
To: Carl Ellison <cme@cybercash.com>
Subject: Re: P.S. David Kahn's editorial today
Message-ID: <199701231429.GAA15847@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


Carl Ellison wrote:

| I just sent the following P.S. to newsday.com
| 			----------------------
| 
| If I use an AT&T Clipper-style cellular phone, as David suggested, and I
| call you on a normal wired phone, we can't encrypt the conversation and it
| is vulnerable to interception.  The protection works *only* if both parties
| have encrypting phones while interoperate.

	Its worth thinking about multiple layers of protection for a
datastream.  The end to end encryption issue is seperate from the
issue of mobile to base encryption (and mobile to base authentication,
for that matter.)  Compute power is getting cheap enough that doing
both seems roughly feasable to me.

	Multiple protective layers is also nice in an environment
where theres policy checking going on, ie, a firewall.  SSL only gets
plugged through a firewall because it can't be partially unwrapped.  I
can't proxy in any meaningful sense.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume