John S. Denker wrote:

On 10/01/2003 11:22 AM, Don Davis wrote:
> there's another rationale my clients often give for
> wanting a new security system, instead of the off-
> the-shelf standbys:  IPSec, SSL, Kerberos, and the
> XML security specs are seen as too heavyweight for
> some applications.  the developer doesn't want to
> shoehorn these systems' bulk and extra flexibility
> into their applications, because most applications
> don't need most of the flexibility offered by these
> systems.

Is that a rationale, or an irrationale?

According to 'ps', an all-up ssh system is less
than 3 megabytes (sshd, ssh-agent, and the ssh
client).  At current memory prices, your clients
would save less than $1.50 per system even if
their custom software could reduce this "bulk"
to zero.

Without commenting on the general merits or otherwise, $1.50 is a big deal if the
target product is some embedded device intended to sell for $10 to $20 and/or if
the target product is part of a system in which millions of such devices are intended
to be used.

Paul A.S. Ward, Assistant Professor  Email: [EMAIL PROTECTED]
University of Waterloo                      [EMAIL PROTECTED]
Department of Computer Engineering   Tel: +1 (519) 888-4567 ext.3127
Waterloo, Ontario                    Fax: +1 (519) 746-3077
Canada N2L 3G1                       URL:

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to