[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Netscape & Fortessa

On Tue, 10 Oct 1995, Hal wrote:

> But hardware is not so simple.  If the only effective way to get
> convenient communications with your net access software became to use a
> hardware token, then it would be a lot easier to put on restrictions.  An
> underground effort to manufacture and distribute tokens would be much
> less practical than one to do the same thing for secure software.

However, as long as the hardware uses a published algorithm, there
shouldn't be too much of a problem in writing a device driver that will
emulate the hardware. Of course, they might attempt to use those tokens to
authenticate the hardware in the application, but that shouldn't be any
harder to patch out than the various software protection schemes that have
fallen in the past.

Frankly, I have no desire to have hardware crypto in my system (nor
anywhere to put it, I'm not wasting a PCMCIA slot on something that I can 
do with software), and unless it's dirt cheap I doubt that many normal
users will want to do so either, particularly if there *is* a software
alternative. Servers might want hardware for performance reasons, but I 
don't see any reason to prefer it otherwise.

So on those grounds, the only real danger would be for the government to 
start selling Clipper cards for $ 5 apiece. Of course, I wouldn't put it 
past them....