[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [HLL] Personal comments on project

Status: RO
Content-Length: 3868
Lines: 88

Sorry for any delays. I had a minor accident that left me somewhat
confused in the head. :-) I am still not quite back to normal, don't
expect any deep insights from me at the moment.

On Wed, 7 Jan 1998, Rop Gonggrijp wrote:

> A few personal remarks for discussion:
> * Speed
>  Falling back to the lower data rate would allow our system to work
> over GSM modems (9600).

A fallback to a bitrate at or below 9600 bps is very
desirable. The moment you can use the device over GSM or CDMA (sold in the
US as "PCS" phones) data, you greatly increase the utility of the device.

> Drawbacks are the lesser speech quality if someone owns only 14.400. But
> hey: the price difference is about $50 since the 33k6's came out, and 28.800
> will be the cheapest trash as soon as 56k really starts selling.

PGPfone bet on the same idea. The idea that people are more likely to
replace their modem than their computer. It came out that not nearly as
many people as expected upgraded to the 28.8.

More importantly, 14.4kbps is the upper limit of what you can reliably
move through transatlantic (US <-> Europe) phone lines. The transatlantic
links tend to use some rather agressive compression. In fact, the most
agressively compressing transatlantic links ocasionally will  not even
permit 14.4kbps. That happens infrequently, but it does happen.

I am afraid that for a widely usable harmless little box you'll have to
stick with 14.4kbps or below.

> I'd like to see some capable souls to start worrying about the higher level
> steps in the protocol. What does the handshake look like, how and when does
> the Diffie-Hellman key thing happen, how does one describe one's own
> capabilities and such.

I'd suggest to copy that part straight out of "The VP1 Protocol" section
3.2. No need to reinvent the wheel. The key establishment protocl there 
allows for easy extention to other ciphers, cipher modes, and codecs. [EB:
how about adding a section for Blowfish as 3.3.3?]

> * License
> As I wrote in my longer text, it seems that GNU is too restrictive. I don't
> know about you, but I have no intention to get rich from this (but I
> wouldn't step away if money came from the clouds either). I suggest freeware
> on condition that we get credit and that anything someone builds with our
> sourcecode talks to our box and software. This is the fastest way to create
> a large userbase imho.
> I'd like your opinions on this, so this can be discussed...

A product under GPL can not reach its full potential. I suggest using an
SSLeay like license. SSLeay's "use it any way you want, but give us
credit" license has helped make SSLeay the world's most popular crypto

See the file "COPYRIGHT" in SSLeay's distribution.

[About the website]
> Cypherpunks.to is another (well-connected) option.

You are welcome to use cypherpunks.to, which would make sense since this
box is on a fast link and the mailing list is already here. However, I
don't have the time to be the webmaster. The server here allows for any
level of security, from none to client certificates. [Disclaimer: in my
daytime job I work for the company that makes the webserver running on
cypherpunks.to]. If we feel we need access control for certain areas, we
have an automated Certificate Authority on this machine :-)

> * Smile
> This is going to be a tough one, since we haven't worked together much yet.
> I suggest we get together IRL as often as possible. Get together in A'dam
> sometime early February? Next time in BRD?

Anguilla in February? http://www.fc98.ai/

-- Lucky Green <shamrock@cypherpunks.to> PGP v5 encrypted email preferred.
   "Tonga? Where the hell is Tonga? They have Cypherpunks there?"