From: Matt Blaze <mab@crypto.com>
Date: Thu, 28 Sep 95 13:44:09 PDT
To: Adam Shostack <adam@bwh.harvard.edu>
Subject: Re: Netscpae & Fortezza (Or, say it Ain't so, Jeff?)
In-Reply-To: <199509281309.JAA12017@bwh.harvard.edu>
Message-ID: <199509282054.QAA26219@crypto.com>
MIME-Version: 1.0
Content-Type: text/plain



>This came across the SSL mailing list.  Anyone know Taher's position
>on key-escrow?

Oh, come on.  One does not have to "support key escrow" to be interested
in Fortezza.  The Fortezza interface does not have any "escrow-specific"
features; it's actually a pretty good crypto API (for which several vendors
plan to produce compliant, non-escrowed PCMCIA cards).  The Fortezza market
(in the government) is also pretty big, by the way, so one can hardly
blame any vendor for being interested in in.

Disclaimer: I'm also an evil "Fortezza sympathizer".  I built a (Tessera,
actually) version of CFS last year.  I think it's a good interface,
and I'd encourage people to  build strong, non-escrowed crypto modules
(in hardware and in software) that conform to it...

-matt