From: David Williams <dwwillia@cet.co.jp>
To: Michaelh@cet.co.jp
Message Hash: db3b11fac2eec84b6eddc1b8589997597988fed4f835704004492e86fd8d23e1
Message ID: <199512080231.CAA08012@parkplace.cet.co.jp>
Reply To: <199512080205.SAA02898@mail.eskimo.com>
UTC Datetime: 1995-12-08 02:31:00 UTC
Raw Date: Thu, 7 Dec 95 18:31:00 PST
From: David Williams <dwwillia@cet.co.jp>
Date: Thu, 7 Dec 95 18:31:00 PST
To: Michaelh@cet.co.jp
Subject: Re: Micro$oft and Java
In-Reply-To: <199512080205.SAA02898@mail.eskimo.com>
Message-ID: <199512080231.CAA08012@parkplace.cet.co.jp>
MIME-Version: 1.0
Content-Type: text/plain
Another interesting post. The list is really heavy. I end up killing
most of the articles. There are some real gems in there though.
>>>>> "Joel" == Joel McNamara <joelm@eskimo.com> writes:
Joel> I was at the Microsoft presentation. Crypto-relevant info:
Joel> A patch will be published in the next few days to address
Joel> the weak .PWL encryption. I got a rather lame excuse about
Joel> how the encryption was first implemented in 1991, and how it
Joel> was sufficient then. They will supposedly be changing the
Joel> seed.
Joel> I asked about what MS was doing in regard to future strong
Joel> crypto. Got an interesting response in that that "the
Joel> government was going to let them implement 768 bit keys." I
Joel> later asked an MS person if these were RSA session keys or
Joel> what. He said yes, but I really don't think he knew what he
Joel> was talking about based on some of his other comments.
Joel> Visual Basic Script will be MS's response to JavaScript.
Joel> The interesting thing here is a plan to use digital
Joel> signatures on controls and scripts as a means of
Joel> authentication. The comment was made "you'd trust something
Joel> signed by Lotus or some other big name, but you probably
Joel> wouldn't be that trustful of a piece of shareware." Hmmm...
Joel> MS will be releasing a "safe" runtime version of Visual
Joel> Basic that will supposedly prevent nasty virii and trojan
Joel> horses from being implemented on Web pages. IMHO, Perry's
Joel> previous comments on the security of Java apply.
Joel> Servers and some clients will support end-to-end encryption.
Joel> No details...
Joel> I didn't ask about GAK. Bill said there was a white paper
Joel> explaining Microsoft's position on encryption. Maybe I'll
Joel> test the search capabilities of the MS Web site later
Joel> tonight.
Joel> Overall, the presentation was interesting (but obviously
Joel> lacking in technical details as the audience was mostly
Joel> press). MS is going to throw a lot of resources at this in
Joel> order to maintain its industry dominance.
Joel> Thought for the day. Bill on the relevance of the briefing
Joel> being held on Pearl Harbor day quoted Admiral Yamamoto after
Joel> the 1941 attack, "we have awoken a sleeping giant." Draw
Joel> your own conclusions on that one...
Joel> Joel
Joel> --
David Wayne Williams dwwillia@cet.co.jp
Software Engineer http://www.cet.co.jp
Catena Enterprise Technologies Linux, PGP, the Web: I love this Net!
Return to December 1995
Return to “Rich Graves <llurch@networking.stanford.edu>”