[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: NIST GAK export meeting, short version
>_do control_. They hope that the pain of having multiple versions will be
>so high that no vendor will bother, and all we'll have is crippled
>software.
>I think that the real key is for everyone, worldwide to insist on
>both strong crypto and interoperability.
Anything that uses cryptography absolutely and positively *must* support
multiple cryptographic protocols. Tag every RPC, transaction, method
invocation, what-have-you with some indicator that indicates not only
"encrypted" but "encrypted via method 2". Allow customers to specify
policy, at least via an environment variable such as
NETSCAPE_SSL_PROTECTION=1,2,4
where the online documentation says
1 = 512bit RSA
2 = 256bit RSA
4 = Rot 13
Design open, extensible architectures with public registries and protocol
descriptions.
/r$