Firewalls: Re: ACE/SecurID and the Big Agenda

Firewalls
(February 1997)

Indexed By Thread: [Previous] [Next]

Subject:	Re: ACE/SecurID and the Big Agenda
From:	Jyri Kaljundi <jk @ stallion . ee>
Date:	Wed, 19 Feb 1997 11:14:34 +0200 (EET)
To:	Firewalls mailing list <Firewalls @ GreatCircle . COM>
Cc:	Vin McLellan <vin @ shore . net>
In-reply-to:	<Pine . GSO . 3 . 95 . 970219110808 . 28912C-100000 @ nebula>

On Wed, 19 Feb 1997, Vin McLellan wrote:

> 	SDTI's proposed ESS architecture offers one possible option for the
> firewall mavens and corporate security managers worrying about how to
> manage an immediate future of encrypted telecom and PKC-certificate
> authenticated users.  Notably, for many sites, these enhanced services will
> not require a new database -- perhaps no significant new hardware at all!

To me the ACE/Server 3.0 news mean only one thing: until the US export
restrictions exist, the new solutions (ESS, certificate management) will
be usable only in US and Canada and not in any other country of the world. 

Until now SecurID was a solution that could be used all over the world,
because there are no big restrictions on exporting OTP systems from USA.
Now that encryption will be included, there is only one thing to say to
people considering using the new products: forget it. It's will be weak,
it will be breakable, don't use it. Same applies to using any RSADSI 
products outside the US.

Juri Kaljundi
jk @
 stallion .
 ee

Indexed By Date	Previous:	Re: Spoof 127.0.0.1 AND get a response. Possible? From: "MotivationAsia Philippines" <motivate @ mnl . sequel . net>
Indexed By Date	Next:	FTP security hole in Windows NT 3.51 From: "MotivationAsia Philippines" <motivate @ mnl . sequel . net>
Indexed By Thread	Previous:	ACE/SecurID and the Big Agenda From: Steve Gaarder <gaarder @ actech . com>
Indexed By Thread	Next:	Re: ACE/SecurID and the Big Agenda From: Vin McLellan <vin @ shore . net>