Re: STLP and proposal

Actually I am trying to avoid politics. I think since the discussion has
gone public anyway that we should judt take it public (to the WG) and 
avoid repetition.


Barb Fox wrote:
> OK - this list is for TECHNICAL discussions. On this alias we should
> discuss  the features needed in a new and better transport-layer
> protocol and not the politics of choosing one existing protocol over
> another.  (If we fall into the trap of the latter, we will all lose...)
> Our only intent is to accelerate the process and get an open standard
> within the IETF quickly.  It is Microsoft's goal with the STLP strawman
> to avoid the anticipated shootout between SSL and PCT.  We would have
> preferred to have taken PCT 2 as the basis for an STLP standard, but we
> felt that doing this would have been viewed as contentious and have
> merely delayed the development and adoption of a new protocol standard.
> So despite the risk that we would appear to be abandoning PCT and our
> PCT partners, we decided to base our STLP strawman on SSLv3.  We remain
> committed to supporting PCT and PCT developers just as Netscape is
> committed to SSL and SSL developers.
> But the new protocol is not about PCT or SSL or any other individual
> protocol.  It is simply about developing an OPEN standard.  We're
> frankly delighted that transport layer security is an IETF working
> group!
> btw: our STLP starting point incorporated the following ideas from PCT:
> - datagram support
> - new keys and cipher specs allowed, supporting pre-encrypted data
> - less long-term dependence on particular algorithms
> - more information in alerts for robust error-handling
> - improved handshaking, allowing speed-up when the client has the
> server's key
> - additional authentication options, including previously shared secrets
> - full specification of cert types and names for both clients and
> servers
> The idea tho is to get other than MS and Netscape to comment on what
> should be in STLP.  So please let's get an active discussion going on
> the technology.
> Barbara Fox
> Senior Architect
> Microsoft

Taher Elgamal
Chief Scientist, Netscape Communications
(T) 415 937 2898, (F) 415 428 4054

Received on Tuesday, 23 April 1996 23:08:14 UTC