[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SAFE Forum--some comments



Jim Bell asks about Macintosh exportability.

There appears to be no problem using a non-tappable authentication
in the AppleShare client (but this does not mean that the actual
data is secure).

The PowerTalk module (available with System 7.5 and later, but to
be replaced in the future for reasons not having to do with crypto)
supports additional crypto-related functions, including MD5, RSA digital
signatures and 40-bit encrypted (and, hence, exportable) data streams.
Apple did negotiate with the export control people in order to fashion
a technology that could be exported. There are also country-specific
kits in order to meet import requirements. The actual strong encryption
capabilities are not accessable to developers or end users. MD5 and
RSA signing API's are published and, as part of my work at Apple,
I wrote and distributed sample code that shows how to use them to sign
and verify arbitrary data areas.

At the poorly-attended June physical c-punks meeting in Palo Alto,
I gave a very brief overview of Apple's "crypto-related" capabilities
and could repeat it at a future meeting.

>
>I haven't bought a new VCR in a few years.  Is this real?  What prevented
>them from doing this 10 years ago?
>

This is fairly recent. It requires a cooperating (generally, PBS)
station that broadcasts the timecode in one of the retrace lines.

Martin.
[email protected]