From: David Williams <dwwillia@cet.co.jp>
Date: Thu, 7 Dec 95 18:31:00 PST
To: Michaelh@cet.co.jp
Subject: Re: Micro$oft and Java
In-Reply-To: <199512080205.SAA02898@mail.eskimo.com>
Message-ID: <199512080231.CAA08012@parkplace.cet.co.jp>
MIME-Version: 1.0
Content-Type: text/plain



Another interesting post.  The list is really heavy.  I end up killing
most of the articles.  There are some real gems in there though.

>>>>> "Joel" == Joel McNamara <joelm@eskimo.com> writes:

    Joel> I was at the Microsoft presentation.  Crypto-relevant info:
    Joel> A patch will be published in the next few days to address
    Joel> the weak .PWL encryption.  I got a rather lame excuse about
    Joel> how the encryption was first implemented in 1991, and how it
    Joel> was sufficient then.  They will supposedly be changing the
    Joel> seed.

    Joel> I asked about what MS was doing in regard to future strong
    Joel> crypto.  Got an interesting response in that that "the
    Joel> government was going to let them implement 768 bit keys."  I
    Joel> later asked an MS person if these were RSA session keys or
    Joel> what.  He said yes, but I really don't think he knew what he
    Joel> was talking about based on some of his other comments.

    Joel> Visual Basic Script will be MS's response to JavaScript.
    Joel> The interesting thing here is a plan to use digital
    Joel> signatures on controls and scripts as a means of
    Joel> authentication.  The comment was made "you'd trust something
    Joel> signed by Lotus or some other big name, but you probably
    Joel> wouldn't be that trustful of a piece of shareware."  Hmmm...

    Joel> MS will be releasing a "safe" runtime version of Visual
    Joel> Basic that will supposedly prevent nasty virii and trojan
    Joel> horses from being implemented on Web pages.  IMHO, Perry's
    Joel> previous comments on the security of Java apply.

    Joel> Servers and some clients will support end-to-end encryption.
    Joel> No details...

    Joel> I didn't ask about GAK.  Bill said there was a white paper
    Joel> explaining Microsoft's position on encryption.  Maybe I'll
    Joel> test the search capabilities of the MS Web site later
    Joel> tonight.

    Joel> Overall, the presentation was interesting (but obviously
    Joel> lacking in technical details as the audience was mostly
    Joel> press).  MS is going to throw a lot of resources at this in
    Joel> order to maintain its industry dominance.

    Joel> Thought for the day.  Bill on the relevance of the briefing
    Joel> being held on Pearl Harbor day quoted Admiral Yamamoto after
    Joel> the 1941 attack, "we have awoken a sleeping giant."  Draw
    Joel> your own conclusions on that one...

    Joel> Joel

    Joel> --
David Wayne Williams		dwwillia@cet.co.jp
Software Engineer		http://www.cet.co.jp
Catena Enterprise Technologies	Linux, PGP, the Web: I love this Net!