On Mon, Jun 19, 2000 at 11:27:29AM +0100, Hannes Reinecke wrote:
> Hmm. What would be the advantage of that ?
> I mean, to do anything serious with it (ie connection to the outside
> world) you'd need to connect it via serial cable to some PC or
> Workstation. And that neccessarily involves a daemon to handle the
> connection between the PalmPilot and the rest of the world. So we can as
> well build the SSL-capabilities into the daemon und run the connection
> over the serial line unencrypted, since it is rather unlikely that
> someone would eavesdrop on a serial line which is only a couple of feet
> long (provided you are not in full paranoia mode, that is)(Anyone read
> the tempest document from mskuhn ?).
>
> Plus it has the advantage of offloading some processing load from the
> Pilot.
> So why should one do it ?
Remember that I am porting PGP - I wrote an OpenPGP implementation
based on SSLeay/OpenSSL, then adapted it to the Palm. If I don't have
to enter passphrases on a computer directly tied to the internet, it
helps security, and there are many mail systems where you can do such
things offline.
Besides that, I have an Omnisky wireless modem so I have a PPP link to
the internet directly from the Palm. Having SSL would be quite useful.
There is EC crypto built in for security, but that is nonstandard (and
nonfree).
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
