Network Computingwww.networkcomputing.com

I also enjoyed your simile between PointCast broadcasts and being struck by "The Nation's Newspaper."

Bob Stachel
Software Architect
Lotus Development Corp.
bstachel@lotus.com

Finding Additional Missing Links
I just read Robert J. Kohlhepp's article on user client certificates in the July 1 issue ("Securing Intranet Data With SSL Client Certificates," page 82). It highlights some missing links t hat need to be addressed in order to make client certificates more manageable at the server end.

The authentication provided for Secure Sockets Layer (SSL) packets is not a signature, but rather a keyed-hash function based on MD5 or SHA-1. The distinction is important, from the standpoint of nonrepudiation, and is potentially confusing to readers who might otherwise mistake this point-to-point authentication mechanism with the real digital signatures applied to certificates.

Locally issued certificates versus those issued by public certificate authorities (CAs), such as VeriSign or CyberTrust, have value for Internet commerce applications, as well as intranet software. Check out the Liberty Financial Web page at www.lib.com for a discussion of issuing certificates to their clients for secure access to client portfolios. My company, BBN Corp., supplied the Liberty CA system to provide online cert ificate issuance, emp loyed only with the issuing organization servers. This model of certificate issuance for restricted applications is very much like the SET model and may soon find widespread application.

Dr. Stephen Kent
Chief Scientist for Information Security
BBN Corp.
kent@bbn.com

Network Computing's Must Read
As usual, one of the best parts of Network Computing is Fritz Nelson's column, What's Inside. It's the first thing I turn to when I get your magazine. Keep up the good work! It's refreshing to see someone having a bit of fun with a regular column. Too bad other columnists don't follow suit.

Greg Dainard
Systems Analyst
Chevron Chemical
gdda@chevron.com

Shareware Makes Duplication Easier
I enjoyed Jonathan Feldman's article on disk duplication ("Which Duplication Method Is Right for You?," July 1, page 104). I have had a number of assignments rolling out Microsoft Windows95.

However, I'd like to point out that, with Windows95 at least, it's still possible to grab a few shareware utilities off the shelf to create usable images. I have used Robert Jung's ARJ file-compression program and Duncan Murdoch's DOSLFNBK long-file-name-restoration program with great success.

PKZIP 2.04G does not properly archive the hidden directories in Windows95, but ARJ version 2.31 compresses and restores them faithfully. LFNBACK restores long-file names only within Windows95, whereas DOSLFNBK works under any version of DOS. ARJ and DOSLFNBK (which is free to use) provide a winning combination, when done right.

James L. Powers
System Engineer, MCSE, NPA, LZM
SARCOM
jpowers@sarcom.com

Back To The Drawing Board For Wireless
I would like to compliment Bill Frezza on his bluntness, balance and foresight regarding the current wireless data market and the future, or nonfuture, of fitting the pipe to the price ("Wireless Data's Diverging Visions," July 1, page 35).

We cannot achieve enough speed over a client/server AMPS connection. The evolution to the new wireless Personal Communications Service (PCS) protocols or private LAN bridges and broadband data really does put everybody back at the starting gate. The killer application is much like the Holy Grail of wireless. We all believe that one exists, but in the confusion and competition prevalent in the U.S. and Canadian wireless marketplaces, what is a customer to think?

More or less, the customer chooses the product based on what pipe comes with what price attached and at what speed. The points Frezza touched on could potentially save network carriers millions in the markets everybody tries to expose with little success.

Guy Annable
Vice President, Sales Engineering and Project Management
Mobility Trak
mobility.trak@magnet.ca