Monoculture
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Wed Oct 1 21:49:00 EDT 2003
Don Davis <don at mit.edu> writes:
>there's another rationale my clients often give for wanting a new security
>system, instead of the off- the-shelf standbys: IPSec, SSL, Kerberos, and
>the XML security specs are seen as too heavyweight for some applications.
>the developer doesn't want to shoehorn these systems' bulk and extra
>flexibility into their applications, because most applications don't need
>most of the flexibility offered by these systems.
Hmm, I think the size argument is a bit of a red herring - you can strip SSL
and SSH down and run it in remarkably little space (3DES, RSA, SHA-1 and a
static server cert will get you talking to any non-crippled SSL client, for
example). I've got users running SSL and SSH servers on little 16-bit
embedded systems (alongside the existing app that the SSL or SSH is securing),
and AFAIK their main problem is that doing RSA or DH on the 16-bit CPU isn't
exactly quick.
Peter (still backlogged, if you're waiting for mail please be patient).
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list