Re: Edited Edupage, 24 March 1996

[Phil Karlton <karlton@netscape.com>]

Perry E. Metzger wrote:

> 2) I strongly hope that Netscape tries to move the product towards
>    standards based mechanisms like the IETF's RTP protocol, which are
>    in widespread use, rather than pushing yet more proprietary
>    systems. Proprietary is bad in this instance.

Personally, I have some trouble with the work proprietary above.

    SSL 2 and SSL 3 protocols have been IETF drafts from the beginning.
    Discussion has been going on in a public forum since
	SSL 2 was first proposed. (Send a message to
	ssl-talk-request@netscape.com with "subscribe" in
	the Subject: to join the discussions.
    There is no trademark or copyright on the name.
    Netscape makes an SSL 2 implementation available with a no-cost
	license for non-commercial applications
    Other implementations done directly from the SSL 2 spec
	are also available.

SSL 3 has been made available to the newly convened IETF Transport Level
Security working group. If you want to be involved in the process send a
message to ietf-tls-request@w3.com with "subscribe" in the Subject
field.

SSL does depend upon an underlying reliable bytestream. This means it is
not the best choice for all applications. There are many for which it is
more than adequate.

PK
--
Philip L. Karlton		karlton@netscape.com
Principal Curmudgeon		http://home.netscape.com/people/karlton
Netscape Communications

     They that can give up essential liberty to obtain a little
     temporary safety deserve neither liberty nor safety.
		- Benjamin Franklin