[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: pgp, edi, s/mime

To: Steve Schear <[email protected]>
Subject: Re: pgp, edi, s/mime
From: Raph Levien <[email protected]>
Date: Thu, 10 Oct 1996 09:19:09 -0700
CC: [email protected]
References: <v02130501ae825f741356@[10.0.2.15]>
Sender: [email protected]

> How will users be made confident that the S/MIME crypto isn't somehow
> compromised in these products?  Vendor trust (I think not, with all the
> government pressures)?

First, the S/MIME _spec_ is a matter of public record. In addition,
RIPEM is a free software, source code available, implementation of
S/MIME's crypto parts. So if you use RIPEM, you're in pretty much the
same position as using PGP (which, unfortunately, includes the
ease-of-use issues).

But how can you be sure that _any_ software does what it's supposed to
do? As someone (I don't remember who) pointed out a few days ago,
Kerberos 4 was available in source form for a long time, and it had a
really weak PRNG.

How many people have really looked critically at the PGP 2.6.2 sources?
The key management code, in particular, is pretty bad. I didn't find any
actual bugs (I wasn't looking for them - I was just trying to understand
how it worked), but it didn't leave me with much confidence that it's
completely robust code.

At least with products like Netscape, money is being spent on quality
assurance.

You've raised a good question here. It's just that there are no easy
answers.

Raph

Follow-Ups:
- Re: pgp, edi, s/mime
  - From: Adam Shostack <[email protected]>

References:
- Re: pgp, edi, s/mime
  - From: [email protected] (Steve Schear)

Prev by Date: Re: Tim May is a fine person.
Next by Date: Re: Missionaries (was: "Mormon Asshole?" re: GAK)
Prev by thread: Re: pgp, edi, s/mime
Next by thread: Re: pgp, edi, s/mime
Index(es):
- Date
- Thread