[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: NIST GAK export meeting, short version



>_do control_. They hope that the pain of having multiple versions will be
>so high that no vendor will bother, and all we'll have is crippled
>software.

>I think that the real key is for everyone, worldwide to insist on
>both strong crypto and interoperability.

Anything that uses cryptography absolutely and positively *must* support
multiple cryptographic protocols.  Tag every RPC, transaction, method
invocation, what-have-you with some indicator that indicates not only
"encrypted" but "encrypted via method 2".  Allow customers to specify
policy, at least via an environment variable such as
	NETSCAPE_SSL_PROTECTION=1,2,4
where the online documentation says
	1 = 512bit RSA
	2 = 256bit RSA
	4 = Rot 13

Design open, extensible architectures with public registries and protocol
descriptions.
	/r$