[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Software infrastructure



I'm just catching up on a very large mail backlog (much of which is
Cypherpunks). Many Cypherpunks are apparently unaware of the security
work going on within the Internet Engineering Task Force (IETF). Besides
the infamous Privacy Enhanced Email (PEM), there are lesser known groups
working on application layer security interfaces and on IP-level
security (encryption and/or authentication of individual IP datagrams).

Okay, I'm not saying all this work is being done right. In some cases
it's not being done at all (or very slow progress is being made). In my
opinion, the situation is ripe for some highly motivated Cypherpunks to
read the stuff that's already been published (available from the
standard FTP repositories like nic.ddn.mil), digest and critique it, and
either implement the ideas that have been proposed or do them better
yourself. But you should really be aware of what other work is going on
in these areas before you reinvent the wheel.

My personal interests and preferences lie in doing security at the IP
layer. It doesn't solve all problems, but it is an approach that has
been almost totally unexplored until now. And with the ever-increasing
use and availability of low-cost dialup SLIP/PPP connections as an
alternative to dumb terminal emulators and UUCP, I think it's a powerful
technique. But I just don't have as much time to work on this as I'd
like, and it would really be nice to find others to help in the effort.

Phil