smb@ulysses.homer.nj.att.com (Steven M. Bellovin) (03/22/89)
The New York Times reported today that the Internet has decided to adopt RSA as the basis for an authentication scheme. This was done after appropriate negotiations with RSA, Inc., concerning licensing. Can someone post the details, both technical and administrative? (It's odd to learn something significant about the Internet from the mundane media...) --Steve Bellovin att!ulysses!smb, smb@ulysses.att.com
sean@ms.uky.edu (Sean Casey) (03/22/89)
Jim Bidzos of RSA Data Security told me that there should be an RFC out by early April describing the implementation of the standard. He outlined it to me, but I don't remember it that well. It mostly concerns the transmission of DES keys for encrypted email by using the RSA scheme. As far as using the RSA scheme, they are pretty liberal about granting no-cost licenses for noncommercial use. The trick is that anyone who uses RSA must first register their personal key with them. It costs $25 for two years. They then encode their key in yours, and send it back. Anyone who is granted a license for an RSA application program then has to check any user's public key and verify that they are registered and up to date. This is easily done by encrypting with RSA Corp's public key. Out pops a string (I guess - he didn't say explicitly) and a date code. Thus it's likely that once you've registered a personal key, you can use Internet RSA facilities at no additional cost for two years. Hopefully, once the RFC is out, we'll have some heavy math types writing a a really fast freely redistributable implementation. Sean -- *** Sean Casey sean@ms.uky.edu, sean@ukma.bitnet *** Who sometimes never learns. {backbone site|rutgers|uunet}!ukma!sean *** U of K, Lexington Kentucky, USA ..where Christian movies are banned. *** ``You talk the talk. Do you walk the walk?''
paul@kuhub.cc.ukans.edu (Craig Paul) (03/22/89)
> The New York Times reported today that the Internet has decided to > adopt RSA as the basis for an authentication scheme. This was done > after appropriate negotiations with RSA, Inc., concerning licensing. > Can someone post the details, both technical and administrative? > (It's odd to learn something significant about the Internet from the > mundane media...) Look up this reference.... From: KUHUB::PAUL "Craig Paul" 14-FEB-1989 15:06:04.87 To: PAUL,PAUL CC: Subj: Internet Endorses RSA E-mail. PC Week, 2/13/89, p. c/6