>>Every copy of Windows 2000 and Windows Millennium will have full
>>strength 128 bit crypto in the base O/S.

>Source, or "a proof" please, since I don't recognize your name as being
>authoritative regarding what M$ does and/or does not contain.

It was announced at RSA in the Microsoft keynote speech.

>>> None of them have been tested
>>> nor peer-reviewed. 
>>
>>That is untrue. 

>Unpublished source is not peer-reviewed, by definition.

The definition of 'Peer review' is 'review by peers', i.e. equals.
It does not have to be an open process.

Open source is a better form of peer review but it is not the only
form. Netscape and Microsoft had no choice on that point under the licensing
terms when they bought in the BSafe toolkit from RSA.

Nevertheless the RSA toolkit source has been extensively examined
by most folk writing code in the industry with a US passport.

If you had said 'none of them has been subject to open source
review' you would have been correct 'by definition'. As it is
your statement had nothing to do with the definition of 'peer 
review', and was in any case wrong.


It is arguable that if one is reviewing the security
of a crypto product one should examine the assembly language
code and not the source code in any case. How else can you be
sure that the shipped code is the code you reviewed?

Performing a review of the assembly code is no harder than
performing one on the source, it just means that you have
to teach your intern assembly language instead of C :-)


The biggest threat to security in my view is dogma. An idea
that is correct in one circumstance is promoted to the status
of holy doctrine and applied in circumstances where it is
ridiculous. Take for example Morris's idea of storing passwords
in a salted, one-way encrypted file and relying upon encryption
and not the file system protections for security. Not such a
bad idea in 1970, but a terrible one once machines are powerful
enough to run dictionary attacks on the password file. There
are still lunatics today who will argue to death that 'shadow
password files' in UNIX *introduce* insecurity. Seven years ago
those lunatics were directly responsible for the password
scheme in HTTP sending passwords out in cleartext over the
Internet rather than using a MAC challenge approach.

This narcissism of the small difference has more to do with
folk puffing up their own ego than security.

What is easier, to police rigid adherence to some doctrine
or to actually *think* for yourself?


If you think that the problem with S/MIME is the lack of an 
open source client then do what the cypherpunks list *used*
to be about - write some code to do the job the way *you*
think is correct. The standard is published by the IETF and 
there are probably open source toolkits circulating.


        Phill

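The two points Phill makes about passwords, that a salted one-way password file is only as safe as the attacker's dictionary once the file can be read, and that a MAC challenge-response keeps the password itself off the wire, are worked through below as an added example. This is not code from the original post or from any product it mentions; the password file format, the accounts, the wordlist and the challenge-response scheme (a generic HMAC over a server nonce, not HTTP Digest as standardised) are all constructed here for illustration.

```python
import hashlib
import hmac
import secrets

# --- Part 1: a salted one-way password file and an offline dictionary attack ---

def hash_password(salt: bytes, password: str) -> str:
    """One-way, salted hash in the 1970s style: a single fast hash.
    Deliberately cheap, to model the assumption the post criticises."""
    return hashlib.sha256(salt + password.encode()).hexdigest()


def make_password_file(accounts: dict) -> str:
    """Constructed 'passwd'-style file: user:hex(salt):hex(digest), one per line."""
    lines = []
    for user, password in accounts.items():
        salt = secrets.token_bytes(8)
        lines.append(f"{user}:{salt.hex()}:{hash_password(salt, password)}")
    return "\n".join(lines)


def parse_password_file(text: str):
    for line in text.splitlines():
        user, salt_hex, digest = line.split(":")
        yield user, bytes.fromhex(salt_hex), digest


def dictionary_attack(password_file: str, wordlist) -> dict:
    """The salt defeats a precomputed table, but whoever can read the file
    simply re-hashes every candidate with each user's own salt.
    Returns {user: recovered_password} for every account in the wordlist."""
    cracked = {}
    for user, salt, digest in parse_password_file(password_file):
        for word in wordlist:
            if hmac.compare_digest(hash_password(salt, word), digest):
                cracked[user] = word
                break
    return cracked


# --- Part 2: HMAC challenge-response so the password never crosses the wire ---

class ChallengeResponseServer:
    """Holds a per-user verifier key derived from the password and checks
    HMAC(verifier, nonce). Each nonce is single-use, so a captured
    response cannot be replayed."""

    def __init__(self, accounts: dict):
        self.verifiers = {}
        self.pending = {}
        for user, password in accounts.items():
            salt = secrets.token_bytes(8)
            self.verifiers[user] = (salt, derive_key(salt, password))

    def challenge(self, user: str):
        """Step 1, server -> client: (salt, fresh nonce)."""
        salt, _ = self.verifiers[user]
        nonce = secrets.token_bytes(16)
        self.pending[user] = nonce
        return salt, nonce

    def verify(self, user: str, response: bytes) -> bool:
        """Step 3, server side: check the MAC against the outstanding nonce."""
        nonce = self.pending.pop(user, None)
        if nonce is None:
            return False  # no outstanding challenge: a replay is rejected
        _, key = self.verifiers[user]
        expected = hmac.new(key, nonce, hashlib.sha256).digest()
        return hmac.compare_digest(expected, response)


def derive_key(salt: bytes, password: str) -> bytes:
    """Shared derivation; both sides compute the same MAC key from the password."""
    return hashlib.sha256(salt + password.encode()).digest()


def client_response(password: str, salt: bytes, nonce: bytes) -> bytes:
    """Step 2, client -> server: HMAC over the nonce. Only the MAC is sent;
    the password itself stays on the client."""
    return hmac.new(derive_key(salt, password), nonce, hashlib.sha256).digest()


def demo():
    # Constructed accounts: two weak passwords and one outside the wordlist.
    accounts = {"alice": "letmein", "bob": "password1", "carol": "Xq7!mv9Rz#2Lp"}
    wordlist = ["123456", "password", "letmein", "qwerty", "password1"]
    cracked = dictionary_attack(make_password_file(accounts), wordlist)

    server = ChallengeResponseServer(accounts)
    salt, nonce = server.challenge("alice")
    good = server.verify("alice", client_response("letmein", salt, nonce))
    salt, nonce = server.challenge("alice")
    bad = server.verify("alice", client_response("wrong", salt, nonce))
    return cracked, good, bad


if __name__ == "__main__":
    print(demo())
```

Two caveats a practitioner would add. First, the challenge-response only removes the cleartext password from the wire; an eavesdropper who records the nonce and the MAC can still run the same offline dictionary attack against that transcript, so the derivation should be a slow KDF rather than a single SHA-256. Second, in this simple scheme the stored verifier is itself the MAC key, so an attacker who reads the verifier file can impersonate the user without knowing the password; the file still needs the file-system protection the post argues for.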