Paul C. Kocher wrote: > > Baber Amin writes: > > The idea sounds good, but if you offer good encryption for authnetication, > > can we absolutely gaurentee that it would not be used for user data > > other than pin or hashed password. > > Do we even need to hash the password if it is being sent in a secure > > fashion. > > Under my suggestion, the TLS protocol would allow virtually anything > to go on the secure channel, but exportable implementations would > have to limit the use of the secure encryption to meet government > regulations. It seems to me that this would encourage interoperability problems down the road. --Jeff -- Jeff Weinstein - Electronic Munitions Specialist Netscape Communication Corporation jsw@netscape.com - http://home.netscape.com/people/jsw Any opinions expressed above are mine.Received on Thursday, 8 August 1996 06:34:37 EDT
This archive was generated by hypermail pre-2.1.9 : Wednesday, 24 September 2003 06:34:51 EDT