[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Suggestion for SOI wrt PFS



On Monday 01 April 2002 15:13, Jan Vilhuber wrote:
 > Agreed. But note there hasn't been agreement (see Cheryl's
 > requirements document) on whether we want to punt all remote access
 > to IPSRA (thus using PIC), or not.

In my opinion - the answer to the above is no.

 > If we use PIC for all legacy authentication 

For all non-PK (which some call "legacy" :-) auth? I hope not.

 > (aside: why is it called
 > legacy, when it's still being used extensively?), then the discussion
 > degrades into 'is rsa cheap'...

Ah, some PK fanatics believe that if they call, say secure tokens 
"legacy", it will go away and PK certs come to replace it (:-).

And no, RSA isn't cheap.  I wonder why some began pulling EC crypto 
into the discussion, considering the uncertainty of EC patent coverage 
and scarcity of [free] implementations [for example, I know of one 
existing,  and of none fast].
-- 
Regards,
Uri
-=-=-<>-=-=-
<Disclaimer>