Re: SSL sans RSA

Vin McLellan (vin@shore.net)
Tue, 23 Feb 1999 16:33:35 -0500

• Next message: Alex Alten: "Re: SSL sans RSA"
• Previous message: staym@accessdata.com: "GGH's pkcs"
• In reply to: Mail System Internal Data: "DON'T DELETE THIS MESSAGE -- FOLDER INTERNAL DATA"
• Next in thread: Alex Alten: "Re: SSL sans RSA"

        Peter Gutmann <pgut001@cs.auckland.ac.nz> mentioned:

>> PKCS #15 (which is a kind of tour de force of what you can do with
>> ASN.1 if you know how to use it).

        Niels Möller <nisse@lysator.liu.se> responded:

>I haven't seen this one. What is it about?

        Much of the hope and expectations many of us have for PKI-enabled
secure apps -- and PKC as an enabling tech, which just happens to offer
security services too -- presumes that smart cards will be used to
personalize an individual user's possession, use, and control of his PKC
credentials and RSA private keys.

        Unfortunately, the lack of effective standards for portability and
interoperability for smart cards and readers manufactured by different
vendors have, objectively speaking, made such expectations look fairly
ludicrous.

        With PKCS #15, RSA Labs took on the Herculean (Sisyphean?) task of
promoting a common standard for information formats on smart cards and/or
other cryptographic tokens. (Crypto Politics 101: Where there has been so
little standardization, there are always short-term economic advantages for
the leading vendors in the splintered market.)

        The lofty and ambitious goal of PKCS #15 to allow users to use
their smart cards to identify themselves to multiple applications --
irrespective of the app; irrespective of the OS platform it rides on; and
irrespective of who created the application's token-interface or
manufactured the reader.

        The Wonder of a Standard, right?

        RSA has a PKCS #15 mailing list, and there was a session on PKCS
#15 at the RSA Crypto Conference that was crowded with tech policy mavens
from the US and multiple other governments. RSA is also sponsoring an PKCS
#15 interoperability workshop in Stockholm, for March 31 thru April 1. See:
<http://www.rsa.com/rsalabs/pubs/PKCS/html/pkcs-15.html>

        To download the fourth and current (2/11/99) draft of PKCS #15
v1.0, try:

MS-Word:
<ftp://ftp.rsa.com/pub/pkcs/pkcs-15/pkcs-15v4draft.doc>
Postscript:
<ftp://ftp.rsa.com/pub/pkcs/pkcs-15/pkcs-15v4draft.ps>
MS-Word (zip):
<ftp://ftp.rsa.com/pub/pkcs/pkcs-15/pkcs15v4_doc.zip>
Postscript (zip):
<ftp://ftp.rsa.com/pub/pkcs/pkcs-15/pkcs15v4_ps.zip>

        Peter's superlatives refer, I presume, to the latest version of the
compilable PKCS #15 ANS.1 module at:
<ftp://ftp.rsa.com/pub/pkcs/pkcs-15/pkcs15v4.asn>

-----
      Vin McLellan + The Privacy Guild + <vin@shore.net>
  53 Nichols St., Chelsea, MA 02150 USA <617> 884-5548
                         -- <@><@> --

• Next message: Alex Alten: "Re: SSL sans RSA"
• Previous message: staym@accessdata.com: "GGH's pkcs"
• In reply to: Mail System Internal Data: "DON'T DELETE THIS MESSAGE -- FOLDER INTERNAL DATA"
• Next in thread: Alex Alten: "Re: SSL sans RSA"