Re: which to implement?

Tom Stephens wrote:
> >SSLv3 and PCTv2 are both PAPER protocols.

SSL 3 is NOT just a paper protocol. It exists in products currently in
Beta. There are at least 5 independent implementations currently
interoperating. I know of at least 4 more implementation efforts that
are underway (2 in Java and 1 in Perl).

> We're living with SSLv2 and
> PCTv1 in real code, and we all agree that's not good enough.  The
> purpose of this TLS working group is to come up with something more
> secure and more open,

In what way is SSL 3 not open?

> but I agree with Win and Taher that we need to be
> in Final Draft form by July to have an IETF standard in 1996.  This is
> critical to all of us so that we don't have to even think about what we
> implement.  "STLP" should be the Internet standard - so let's get
> serious about what's in it, so we can all get on with the code.

Thousands of hours have gone into the development of SSL 3 (by engineers
both inside of Netscape and out). Much of that time was devoted to
analysis of the cryptographic properties. I can only assume that a
similar amount of work went into PCT v2.

The Microsoft strawman draft of STLP has not had that kind of analysis.
The amount of work to come to the same degree of confidence in a
protocol or implementation grows exponentially as the design gets more
complicated. It's a sad fact that while adding feature A or feature B to
an existing design, no compromise in the security of the system will
result, but adding both can open an overlooked covert channel.

The STLP strawman is more complicated than either SSL 3 or PCT 2. I
don't think it is a reasonable starting point if we hope to make the
schedules outlines in the charter.

> >Do any of you want to sit down together for a day and work up an STLP
> >draft to present to the whole working group before the IETF meeting in
> >June?

It would be naive to expect a day or two of meetings to be able to
resolve some very difficult issues.

While security is no longer my primary focus at Netscape, I will find
the time to try and address some of the issues related to MACs,
pre-encrypted files, etc.

Philip L. Karlton
Principal Curmudgeon
Netscape Communications

     They that can give up essential liberty to obtain a little
     temporary safety deserve neither liberty nor safety.
		- Benjamin Franklin

Received on Thursday, 9 May 1996 03:52:56 UTC