From: “L. Detweiler” <ld231782@longs.lance.colostate.edu>
To: cypherpunks@toad.com
Message Hash: 0561ebfe17b8a80c2d2f028267ee16805866a6d992f5e5f340b898f3dcc2dcb7
Message ID: <9310020345.AA01020@longs.lance.colostate.edu>
Reply To: N/A
UTC Datetime: 1993-10-02 03:48:26 UTC
Raw Date: Fri, 1 Oct 93 20:48:26 PDT
From: "L. Detweiler" <ld231782@longs.lance.colostate.edu>
Date: Fri, 1 Oct 93 20:48:26 PDT
To: cypherpunks@toad.com
Subject: Apple's PowerTalk: *breakthrough* in crypto export?
Message-ID: <9310020345.AA01020@longs.lance.colostate.edu>
MIME-Version: 1.0
Content-Type: text/plain
From the TidBITS Mac newsletter: (I'd be more specific but don't have
it from my source -- perhaps someone can post the info on how to
retrieve the whole article.)
>PowerTalk Arrives
>-----------------
> by Wolfgang Naegeli -- wnn@ornl.gov
Powertalk is Apple's new `Collaborative Environment' client software,
supposedly to be released next week. Its a sort of groupware-email
package with some significant security & cryptography mechanisms.
Sounds like its very intuitive and a very highly refined user
interface. I suspect this whole platform could have a *major* effect in
bringing seamless, invisible, secure cryptography to the masses -- at
least, reading all the promotional hype, the *potential* is there.
> Apple claims that PowerTalk is more secure than most other off-
> the-shelf software solutions since those use less secure
> algorithms to avoid export restrictions. Apple is the first
> company to receive an export license for a DES-based product.
1st? *WOW*
Cypherpunks we need more intelligence on this ASAP! Does this represent
a fundamental *breakthrough* in export policy? Why are they the first?
Is it real live DES and not some strange crippled bit length version?
What does this *mean*?!
red warning flag:
>RSA always is at the
> root of the issuing process and signatures expire after two years.
Not sure if this means what it seems to say -- that RSA is *generating*
the private keys and passing them on? We just had that big discussion
about this issue with some other software from Apple, didn't we?
Here's some more from the article of interest to cypherpunks.
===cut=here===
Digital signatures, based on RSA Public Key Encryption, provide a
secure way of ensuring data has not been altered and was signed by
a particular person. The mechanism is similar to Kerberos [a
security system developed at MIT -Adam], which was not mature
enough at the critical point in PowerTalk development. Apple
anticipates supporting Kerberos in a future PowerTalk release.
To sign a document, simply drops it on a Signer icon. A prompt for
the personal signer code then appears on the screen. If the
content of the signed document later changes in any way, the
signature becomes invalid. While being signed, a file
automatically is locked to avoid inadvertent invalidation. The Get
Info window of a signed file is used to uncheck the file lock, and
it contains a Verify button with which the recipient can assert
the integrity of the file and authenticity of its signature.
Large companies can become trusted signature issuing agents for
their employees by obtaining a titanium blackbox with key
interlocks from RSA. The box contains a certain number oFrom owner-cypherpunks Sat Oct 2 03:18:43 1993
Received: by toad.com id AA25713; Sat, 2 Oct 93 03:14:17 PDT
Received: by toad.com id AA25695; Sat, 2 Oct 93 03:13:54 PDT
Return-Path: <sameer@soda.berkeley.edu>
Received: from soda.berkeley.edu ([128.32.149.19]) by toad.com id AA25690; Sat, 2 Oct 93 03:13:51 PDT
Received: by soda.berkeley.edu (5.65/KAOS-1)
id AA09739; Sat, 2 Oct 93 03:13:44 -0700
Date: Sat, 2 Oct 93 03:13:44 -0700
Message-Id: <9310021013.AA09739@soda.berkeley.edu>
To: cypherpunks@toad.com
From: nobody@soda.berkeley.edu
Subject: Sternlight's Key
Remailed-By: Sameer Parekh <sameer@netcom.com>
As an official Key Escrow Agent of the United States Gubberment, I have
decided that David Sternlight, being a controversial public figure, needs
cryptographic protection for his private communications.
Accordingly, a key has been created for him. He has been provided with his
public and secret keys via e-mail. A copy of the secret key will be held
in escrow. In the event that Mr. Sternlight is ever served with a subpoena,
the key will be released to appropriate authorities.
Since Mr. Sternlight has been a vocal advocate of key escrow, I'm sure he
will have no problems with his key being created by an unknown person.
In the absence of a subpoena, Mr. Sternlight, your key is safe.
Trust me. I'm from the gubberment and I'm here to help you.
pub 1024/5C4E59 1993/10/02 David Sternlight <strnlght@netcom.com>
Available from a keyserver near you.
Return to October 1993
Return to ““L. Detweiler” <ld231782@longs.lance.colostate.edu>”
1993-10-02 (Fri, 1 Oct 93 20:48:26 PDT) - Apple’s PowerTalk: breakthrough in crypto export? - “L. Detweiler” <ld231782@longs.lance.colostate.edu>