Eric Rescorla (ekr@rtfm.com)
Mon, 01 Feb 1999 07:47:45 -0800
> EKR wrote:
> I suppose I expressed quite clearly from the beginning that I do
> not bring forth a scheme that is meant to be superior to the
> existing schemes but merely as a potentially useful method (perhaps
> with quite limited but some use).
If your scheme doesn't have any advantages, why would one want to
use it?
> Basically I intend to avoid public key, because that technology
> may not be available in certain environments.
Public key has nothing to do with it. Your method is inferior
to other secret key schemes, for instance IEEE 802.10 or ANSI
X9.42 (DH, but DH-key expansion is the same problem as
session key generation from a master key).
> So I attempted to
> find what one could do if one is in some sense quite 'poor', i.e.
> having only quite minimal software facilities available. That
> means one is ready to accept loss of some or quite a lot of comfort,
> elegance, etc. etc.
The tradeoffs your scheme entails are not required by the environment
that you propose.
> Given the ISO 7 layer model, I don't think that
> lost packages or synchronization are user's concern even in normal
> circumstances.
Huh?
1. The ISO 7 layer model isn't relevant to real-world networking.
Noone uses OSI.
2. Plenty of user-relavant data is sent over datagrams, using UDP.
3. Email is resequenced and dropped all the time.
Sir, as I said before, better schemes are all over the literature.
By failing to read it and proposing inferior systems, you're wasting
our time and yours. Good places to start would be ANSI X9.42,
SKIP, or PEM.
I'm done here. Until you demonstrate some familiarity with
the work already done, I don't see why I should take the time
to familiarize you with it.
-Ekr
[Eric Rescorla ekr@rtfm.com]
The following archive was created by hippie-mail 7.98617-22 on Sat Apr 10 1999 - 01:18:25