[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ArcotSign (was Re: Does security depend on hardware?)
On Wed, 23 Sep 1998, Bruce Schneier wrote:
> Sorry. I am under NDA. Hopefully Arcot will explain sooner rather than
> later. I suggest not using the product until you are satisfied.
I'd say the following has been well established by now -
- The people at ArcotSign are not completely clueless
- They're doing things in a possibly sub-optimal way as far as publically
explaining their algorithms, but this is a decision on their part, it's
not that they don't have reasonable algorithms to back things up
- They're not releasing due to being afraid of people copying their
product before they've gotten sufficiently far in development/achieved
some market penetration. Those of you who don't work at startups might not
be familiar with this sort of thinking, but it's completely reasonable -
if you go around telling everybody all the little details of how to make
things work, some large company might make a very quick bastardized
version and throw lots of marketing oomph behind it.
- Their marketing materials are a bit misleading. This they can reasonably
be faulted for.
In short, at worst it's a poor product, but not 'snake-oil'. I have no
idea whether it's a *good* product, since I've never looked at it, but for
all I know it might be the greatest thing since sliced bread.
I think that pretty much sums up everything there is to currently say on
the subject, until ArcotSign releases more details.
-Bram
(Who isn't talking about what he's working on until the official release
of a reasonably well fleshed-out product comes out.)