On Wed, 19 Feb 1997, Vin McLellan wrote:
> SDTI's proposed ESS architecture offers one possible option for the
> firewall mavens and corporate security managers worrying about how to
> manage an immediate future of encrypted telecom and PKC-certificate
> authenticated users. Notably, for many sites, these enhanced services will
> not require a new database -- perhaps no significant new hardware at all!
To me the ACE/Server 3.0 news mean only one thing: until the US export
restrictions exist, the new solutions (ESS, certificate management) will
be usable only in US and Canada and not in any other country of the world.
Until now SecurID was a solution that could be used all over the world,
because there are no big restrictions on exporting OTP systems from USA.
Now that encryption will be included, there is only one thing to say to
people considering using the new products: forget it. It's will be weak,
it will be breakable, don't use it. Same applies to using any RSADSI
products outside the US.