I'll speculate t the answer to this question is the same answer as to why IBM was so
successful selling mainframes for
decades. It was expalined to me this way: If you go out on a limb as a manager you
might make a breakthrough but the odds
are stacked against you. On the other hand if you do what everyone else does and
don't rock the boat - then you are unlikely
to do worse than anyone else.
I suspect that whoever was in charge of the Netscape SSL project probably felt
overwhelmed and RSA walked in with some
warm cosy promises. Nowdays - this is why Microsoft is doing so well. My experiances
with the computer feild is that most
know very little and want someone to promise safety or at least accept responsibility
and RSA seems to have done that. Pay
us a few grand and stuff works. Quick fix. Senior management wants a job done... RSA
says use us.... Case closed.... go home
feeling secure. Try to use something else and you need to marshall your consultants
to prove your case. Its much easier to
spend the company capital.
>> What I really can't understand in this whole affair is how/why Netscape saw
>> fit to use RSA in SSL, and allow only RSA certificates to be used.
>One might also ask why MS has done the same. If MS browsers supported
>non RSA SSL that would be a big advantage they'd have over Netscape.
>Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
>Personal Email: [EMAIL PROTECTED]
>Senior crypto engineer, Celo Communications: http://www.celocom.com/
>Core developer of the OpenSSL project: http://www.openssl.org/
>Business Email: [EMAIL PROTECTED] PGP key: via homepage.
>
>______________________________________________________________________
>OpenSSL Project http://www.openssl.org
>User Support Mailing List [EMAIL PROTECTED]
>Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
