[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: IPSP and Netscape
On Dec 13, 2:00pm, Adam Shostack wrote:
> Subject: Re: IPSP and Netscape
> Kipp wrote:
>
> | IPSP was not in my vocabulary at the time of the first posting. Ignorance
> | was briefly bliss :^)
>
> My, this is a _tasty_ burger.
>
> | However, regardless of whether or not extant hardware is reusable,
> | there is still the not so small matter of software. Software for PC's,
> | MAC's and a host of UNIX machines before a workable secure network can
> | be constructed. It is a good thing that IPSP requires only software to
> | meet it's goals. This same property is true of SSL.
> |
> | Finally, I never said that "SSL is better than anything out there". I
> | don't know who did. All I said is that "SSL is something", which isn't
> | really saying much. SSL is A solution to A set of problems, namely
> | privacy and authentication.
>
> I'm not sure I understand. Could you explain what you mean by
> privacy, and how it is maintained by SSL? (My question, obviously, is
> informed by Hal's recent comments on privacy.)
SSL provides "channel" privacy. The two endpoints which are communicating can
be ensured of three basic properties:
1. You are certain who you are talking to (server authentication)
2. Your conversation with the server is private (privacy using encryption)
3. Your conversation cannot be interfered with (data integrity)
That is all SSL does. MIME multipart encoding used on documents can provide
deeper encryption, tamper-proof document storage, etc. There are up and coming
standards for these actions.
--
---------------------------------------------------------------------
Kipp E.B. Hickman Netscape Communications Corp.
[email protected] http://www.mcom.com/people/kipp/index.html