[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Apple crypto engineer position available



At 1:06 PM -0700 4/15/98, Phillip Hallam-Baker wrote:
>> Now, even though Apple had the help of RSA and BBN, there was this even
>> bigger problem of just helping people get it. The best way to help people
>> understand technology is to make it accessible so almost anyone can play
>> with it and use it. This is what Apple is known for - making technology so
>> accessible that people just go nuts, doing things with it and taking it
>> places no one ever dreamed. That's how Apple catalyzed the transformation
>> of the publishing industry. Requiring a CA to make DigiSign work simply
>> made this impossible. A peer to peer model, allowing people to create and
>> sign their own certificates would have been far more appropriate for
>> Apple's creative users.  Then came PGP...
>
>I think Mark makes a mistake in confusing pre-conditions for market
>acceptance with requirements for market growth.
>
>From the perspective of someone who helped the Web grow from a userbase
>of less than 100 users I have my own ideas as to why Apple did not
>succeed with its powertalk architecture. I see the lack of commitment
>to open standards as the key factor.
...
>But just because CAs may be dispensed with in a system of 10,000
>odd users whose principal concern is confidentiality does not mean
>they have no role in a system of over 1 million users where the
>legal enforceability of a signed contrat is an issue.
...
>The other shortcomming of Apple's approach was not realising
>that there is a middle ground. To take an example most people...

Lack of commitment to open standards was made obvious by the fact that
Apple considered the POP/SMTP plug-in for PowerTalk to be a 3rd party
opportunity! However, I was only really talking about the DigiSign stuff,
trying not to get sucked into the whole enchalada of discussing why
PowerTalk failed.

I have no bone to pick with the CA model. Apple was stuck at the high end
of this model when, as Phill points out, many levels of authentication are
needed.

I simply think that starting with a personal model, more like PGP, would
have allowed DigiSign to build some momentum, at least in the Mac market
(not a bad place to start). So, it was in fact a pre-condition for market
acceptance. Market growth could have been accelerated by just paying
attention. As with many Apple technologies, there was never a version 2.0
and 3.0 and so on, to correct for the misconceptions about the market. A
lot of people knew what needed to be done, but management usually remained
clueless.

Mark