[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Suggestion for SOI wrt PFS
On Monday 01 April 2002 15:13, Jan Vilhuber wrote:
> Agreed. But note there hasn't been agreement (see Cheryl's
> requirements document) on whether we want to punt all remote access
> to IPSRA (thus using PIC), or not.
In my opinion - the answer to the above is no.
> If we use PIC for all legacy authentication
For all non-PK (which some call "legacy" :-) auth? I hope not.
> (aside: why is it called
> legacy, when it's still being used extensively?), then the discussion
> degrades into 'is rsa cheap'...
Ah, some PK fanatics believe that if they call, say secure tokens
"legacy", it will go away and PK certs come to replace it (:-).
And no, RSA isn't cheap. I wonder why some began pulling EC crypto
into the discussion, considering the uncertainty of EC patent coverage
and scarcity of [free] implementations [for example, I know of one
existing, and of none fast].
--
Regards,
Uri
-=-=-<>-=-=-
<Disclaimer>