[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Netscape security

On Fri Aug 18 03:51:20 1995: you scribbled...
> Mr. Shank - I'm a bit disappointed by your posting about the RC4-40 crack.

<stuff deleted>

After following the threads that have gone on after the SSL/RC4 cracking, 
It seems that we are going about this all wrong.  The cypherpunks and
Netscape shouldn't be at odds about this event.  It would be in everyone's
best interest to join forces against the common foe (ITAR), and try to
prove to the feds that RC4-40 just plain isn't good enough.  

For example, if Netscape (or someone else) were to issue a challenge to
break an SSL Key as fast as possible, and then the cypherpunks did just
that in say...a few hours, it could make a very big statement.  

It seems that one of the problems with Damien's cracking job was that it
was "not sanctioned".  Look at the WSJ article, they didn't mention his
name...they just called him "a hacker".  It shows how public opinion still
sees groups like the cypherpunks as just that, a bunch of punks. 

With some "respected" business on our side, it may make a much bigger
impact (better publicity, better leverage, etc.).

Maybe i'm just dreaming...