[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: San Jose Mercury News declares encryption battle over
Hal Finney wrote:
> >From the article
> <URL:http://www.sjmercury.com/business/compute/encrypt1115.htm>:
> > Under the plan computer makers could equip their machines, including
> > personal computers, with electronic ''locks'' of almost any strength. A
> > single computer model with strong built-in encryption could legally be
> > sold in both domestic and foreign markets.
> > The key is that the encryption circuitry would be inactive in exported
> > machines, unless both buyer and seller obtained all legally required
> > licenses to turn it on.
> > Domestic customers, and export buyers with a license, would get a special
> > key card to turn on the encryption, according to HP. Manufacturers would
> > thus be relieved of the burden of making different computers for export
> > than for domestic use.
> So it sounds like the idea is to build crypto around card tokens. I think
> HP has been pushing this for some time. The question is, will this somehow
> become the only way to get access to crypto?
[snip]
Point 1: HP (if you follow their history) would love to do something
exactly like this. Microsloth and several hardware vendors (including
HP) are currently working on handheld computers which run a subset of
Win95 (called Pegasus), which are due out this year. If this project
flies, they'll surely graduate it to laptops, to portable phones and
pagers, etc. etc. Building a certain amount of the O/S into ROM has
its advantages....
Point 2: I've said something like this before, but here's a place where
it could mean something. If c-punks and others could divvy up as many
of the supporting functions of "strong" crypto as possible, and issue
them in a set of commonly-available libraries for any and all programmers,
along with source code, then an application programmer (theoretically)
could order up some of these libraries and write some useful crypto code
in short order. This would be much better than taking on thousands of
lines of source code directly. This would also allow several vendors to
issue similar libraries, and surely someone on the Net could arrange
for comparitive product reviews.
This way, once you have a product up and running, if you (for example)
would like to replace the XYZ function with something a little better,
without impacting the rest of the code, you could order a replacement
for that function and plug it in, perhaps with no code modifications.