Don Davis <[EMAIL PROTECTED]> writes:

>there's another rationale my clients often give for wanting a new security
>system, instead of the off- the-shelf standbys:  IPSec, SSL, Kerberos, and
>the XML security specs are seen as too heavyweight for some applications.
>the developer doesn't want to shoehorn these systems' bulk and extra
>flexibility into their applications, because most applications don't need
>most of the flexibility offered by these systems.

Hmm, I think the size argument is a bit of a red herring - you can strip SSL
and SSH down and run it in remarkably little space (3DES, RSA, SHA-1 and a
static server cert will get you talking to any non-crippled SSL client, for
example).  I've got users running SSL and SSH servers on little 16-bit
embedded systems (alongside the existing app that the SSL or SSH is securing),
and AFAIK their main problem is that doing RSA or DH on the 16-bit CPU isn't
exactly quick.

Peter (still backlogged, if you're waiting for mail please be patient).

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to