[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Netscape & Fortessa



-----BEGIN PGP SIGNED MESSAGE-----

In article <199510110025.RAA10439@jobe.shell.portal.com>,
hfinney@shell.portal.com (Hal) wrote:

> There seems to be a convergence on this approach to a hardware
> solution.  HP has been pushing for a model in which software with hooks
> for hardware encryption will be allowed to get exported.  Then you can
> plug in whatever level of encryption you are able to have in the
> form of a card token.  Traditionally NSA has opposed export of software
> with hooks but there are some indications that this method could be
> accepted eventually.

Yes, it might, because of the strong support by vendors for voluntary GAK
or no crypto at all. Let me explain. There are a number of indicators that
show that strong crypto is losing in the global marketplace. Example: the
charter of the new IETF Internet Payment Systems working group requires
that the use of crypto be limited. In the discussion about the charter,
the near unanimous consent (with myself as the sole dissenter) was that
crypto may only be used for authentication, not confidentiality.

It is true that the prospect of loosening the rules for crypto
software/hardware implementations is a major motivator in the marketplace.
The whole development of National Semi's iPower PCMCIA card was driven by
a promise made by the NSA of high lot numbers due to (future?) relaxed
export rules. I suppose that trapdoors in hardware are much harder to find
than trapdoors in software.
- ---
[This message has been signed by an auto-signing service.  A valid signature
means only that it has been received at the address corresponding to the
signature and forwarded.]

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Gratis auto-signing service

iQBFAwUBMHtHmCoZzwIn1bdtAQFm6AGAje0x07V6Ak/nnBLIQyAv9XDZToUw0vju
2GmRq/F1eSeiiOGfXwVGP+irPFd1W/tg
=nix8
-----END PGP SIGNATURE-----