- From: Jeff Weinstein <jsw@netscape.com>
- Date: Thu, 08 Aug 1996 03:31:22 -0700
- To: "Paul C. Kocher" <pck@netcom.com>
- CC: ietf-tls@w3.org
Paul C. Kocher wrote: > > Baber Amin writes: > > The idea sounds good, but if you offer good encryption for authnetication, > > can we absolutely gaurentee that it would not be used for user data > > other than pin or hashed password. > > Do we even need to hash the password if it is being sent in a secure > > fashion. > > Under my suggestion, the TLS protocol would allow virtually anything > to go on the secure channel, but exportable implementations would > have to limit the use of the secure encryption to meet government > regulations. It seems to me that this would encourage interoperability problems down the road. --Jeff -- Jeff Weinstein - Electronic Munitions Specialist Netscape Communication Corporation jsw@netscape.com - http://home.netscape.com/people/jsw Any opinions expressed above are mine.
Received on Thursday, 8 August 1996 06:34:37 UTC