RE: FAQ, round 2 (posting because of bounce)
I tried to mail these comments directly to Eric Raymond, who posted his in
progress FAQ. My mail bounced, so I am posting it in hopes that he will
get it. I missed a lot of the FAQ commentary, so I apologize if this is
all known.
Scott Collins | "Few people realize what tremendous power there
| is in one of these things." -- Willy Wonka
......................|................................................
BUSINESS. voice:408.862.0540 fax:974.6094 [email protected]
Apple Computer, Inc. 1 Infinite Loop, MS 301-2C Cupertino, CA 95014
.......................................................................
PERSONAL. voice/fax:408.257.1746 1024/669687 [email protected]
..........bounced comments follow..........
Hi,
Good work on the FAQ. It's not a rewarding job, I'm sure; I just wanted to
personally express gratitude.
Sorry I took so long to get these comments to you.
> The best-known PKCs are [...] DES
DES is a symmetric cypher, i.e. *not* a public key crypto-system.
>`digital signature' or `message digest code' or `message hash'
A message digest or hash is distinct from a digital signature. In
particular, for a given input, everyone will derive the same digest or hash
but a different signature.
>The three major DSS techniques are Snefru, MD5, and DSS.
Again, MD5 is not a signature algorithm. It is only a (supposedly)
cryptographically secure, i.e. one way, hash. Everyone who runs MD5 on the
same input, will get the same output. If you meant that MD5 is used as a
component of some signature algorithms (which is true), then I apologize,
it wasn't clear to me.
> DSS is [...] associated with the Clipper proposal.
They both come from the government. They were both influenced by the NSA.
They are not associated in any formal way. More cousins than brothers.
>c. DC-net or similar protocols to thwart spoofing.
DC-nets are anonymous voting mechanisms (at their heart). I don't see the
direct relation to 'thwart spoofing'.
> If two or more people encode known text with their private keys applied in
>succession, all their public keys will be required to decode it. This is
>an unforgeable contract.
Yes, although more often digital signatures are what people want and mean
when they discuss digital contracts. With individual digital signatures,
i.e. a hash of the contract signed with your private key, each signature
can be individually verified.
> RSA stands for `Rivest-Shamir-Adelson',
Adleman
Keep up the good work,
Scott Collins
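
The digest/signature distinction drawn in the message above, as an added example that is not part of the original post: a digest is keyless, so every party computes the same value, while a signature over that digest depends on the signer's private key and is checked with that signer's public key alone. Assumptions: SHA-256 stands in for MD5, the signature is textbook RSA without padding, and the keys, the names ALICE, BOB and CONTRACT, and the contract text are constructed toy values for illustration.

```python
import hashlib

E = 65537  # public exponent shared by both toy keys

def make_key(p, q):
    """Textbook RSA key from two primes: returns (n, d)."""
    n = p * q
    return n, pow(E, -1, (p - 1) * (q - 1))

def digest(message):
    """Keyless: anyone computes the same value for the same input."""
    return int.from_bytes(hashlib.sha256(message).digest(), "big")

def sign(message, key):
    """Keyed: the digest raised to the signer's private exponent d."""
    n, d = key
    return pow(digest(message) % n, d, n)

def verify(message, signature, n):
    """Needs only the signer's public modulus n and the public exponent E."""
    return pow(signature, E, n) == digest(message) % n

# Constructed toy keys built from Mersenne primes; far too small for real use.
ALICE = make_key(2**61 - 1, 2**89 - 1)
BOB = make_key(2**107 - 1, 2**127 - 1)
CONTRACT = b"Alice sells Bob one widget for 10 dollars."  # constructed sample

def demo():
    sig_a, sig_b = sign(CONTRACT, ALICE), sign(CONTRACT, BOB)
    return {
        # Same input, same digest, no matter who computes it.
        "same_digest": digest(CONTRACT) == digest(bytes(CONTRACT)),
        # Same input, different signers, different signatures.
        "different_signatures": sig_a != sig_b,
        # Each signature verifies on its own under its signer's public key.
        "alice_ok": verify(CONTRACT, sig_a, ALICE[0]),
        "bob_ok": verify(CONTRACT, sig_b, BOB[0]),
        # A signature does not verify under someone else's key ...
        "alice_sig_under_bob_key": verify(CONTRACT, sig_a, BOB[0]),
        # ... nor over a modified contract.
        "tampered": verify(CONTRACT.replace(b"10", b"1"), sig_a, ALICE[0]),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```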