Re: Closing on shared-key authentication

Jeff Williams wrote:
> At 11:06 AM 10/11/96 -0700, you wrote:
>> The main distinction I've heard between password authentication and
>> public key crypto authentication is that a password can be carried
>> in your head.  If you're using a floppy or other hardware token to
>> transport your password, why not just use it to transport your
>> private key?
>   Yes this is definatly a acceptable approach.  I would think this
> could also be done by pulling it from the CA as well without the need
> of any hardware token as well.  Had you thought about that
> possibility?

Surely you aren't proposing that the CA would have your private key?

>> I agree with you that 56 bits is a very small step, and provides only
>> slightly more security than 40.  However, it does indicate that times
>> may be changing and we should not view current US export policy as
>> set in stone.
>   This is still not acceptable in my mind.  I do understand the
> problems with US export policy and the concerns with security
> associated with it.  I have to believe that we in the industry or
> private sector need to lead here however, not follow.  Without at
> least 128 bit, we are not really providing for our own protection in
> an adaquate manner.

Of course it's not acceptable.  It won't be acceptable until there are
no restrictions on crypto whatsoever.  Just because the current
political climate in the US imposes certain restrictions does not mean
that we should enshrine them in an IETF standard.

>> The IETF is an international standards organization.  Should we
>> design our protocols to conform to US policy?  French policy? 
>> Japanese policy?  I think not.  We should design TLS to be as secure
>> as possible.
>   Exactly!  I think that we need to get input from all nations and ask
> for and include their input as a intragle part of design.  That is
> however where it get's a bit tricky.  I think that possibly a "Joint
> Lab" for just such a process needs some thought here.  What do you
> think?  That way providing for all nations concerns will be addressed
> and TLS would evolve into being as secure as possible.

We should construct a protocol that is secure.  As an international
standard, we should not worry too much about anything any one country
does.  In France, cryptography is illegal.  What do you suggest we do?

You should only break rules of style if you can    | Tom Weinstein
coherently explain what you gain by so doing.      |

Received on Friday, 11 October 1996 19:10:41 UTC