1995-12-02 - Re: nsa and netscape
Header Data
From: futplex@pseudonym.com (Futplex)
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Message Hash: f228d69f111d1cfe0d62450c663f9ef030c8dab99e7d8e9155ee68e41a054e9a
Message ID: <199512012304.SAA22488@opine.cs.umass.edu>
Reply To: <199512011553.JAA12735@spirit.sctc.com>
UTC Datetime: 1995-12-02 01:04:44 UTC
Raw Date: Sat, 2 Dec 1995 09:04:44 +0800
Raw message
From: futplex@pseudonym.com (Futplex)
Date: Sat, 2 Dec 1995 09:04:44 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: nsa and netscape
In-Reply-To: <199512011553.JAA12735@spirit.sctc.com>
Message-ID: <199512012304.SAA22488@opine.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain
Bob Bruen writes:
# At yesterdays FNC (Federal Networking Council) meeting it was
# mentioned in passing that NSA has given Netscape a grant of $5 Million
# (yes $5M) to beef up the security features of Netscape. More info will
# be forthcoming on this.
david d `zoo' zuhn writes:
> FORTEZZA support is virtually required for any sort of new network
> authentication within the US DoD.
>
> The DoD pie is rather large, and I don't blame Netscape for trying to get
> a piece of it. One can support FORTEZZA without giving in to GAK for
> non-FORTEZZA users.
For the moment I am inclined to agree that there's nothing terribly sinister
about this. I've just been flipping through
<a href="http://www.fnc.gov/fisp_sec_contents.html">the FNC's draft Federal
Internet Security Plan (FISP)</a>. In particular it mentions:
------------
4.2 Internet Security Technology Development
The IETF and other activities are currently expanding their efforts to
develop and deploy technology standards to meet the growing security
needs of the Internet. However, these efforts must be accelerated and
facilitated by Government, since the Government has as much, if not
more, interest in increasing the level of security capability in the
Internet as does any other segment of society.
[...]
Enhance Internet Application Security
A number of key Internet applications have become central to agencies'
increasing Internet activities. Such key applications should be examined
and, where appropriate, strengthened to the extent possible. Among the
applications that require high-priority attention are the following:
[...]
Public Information Servers - Second only to email is the expanding use of
Internet-based public information server methods, most visibly the World
Wide Web and the associated Mosaic/Linx client applications.
Unfortunately, there are a number of known security vulnerabilities
associated with the use of these applications.
----------------
I definitely do _not_ get a sense from anything in this document that
installing GAK mechanisms is a major concern of the project. The NSA appears
to have a few people involved with the FNC, but not a great visible presence.
-Futplex <futplex@pseudonym.com>
Thread
Return to December 1995
- Return to ““Bob Bruen, MIT Lab for Nuclear Science” <BRUEN@mitlns.mit.edu>”
- Return to “futplex@pseudonym.com (Futplex)”
- Return to “Jeff Weinstein <jsw@netscape.com>”
- Return to “sameer <sameer@c2.org>”
Return to “zuhn@sctc.com (david d `zoo’ zuhn)”
- 1995-12-01 (Fri, 1 Dec 1995 20:49:43 +0800) - nsa and netscape - “Bob Bruen, MIT Lab for Nuclear Science” <BRUEN@mitlns.mit.edu>
- 1995-12-01 (Sat, 2 Dec 1995 02:06:39 +0800) - Re: nsa and netscape - sameer <sameer@c2.org>
- 1995-12-02 (Sat, 2 Dec 1995 14:59:30 +0800) - Re: nsa and netscape - zuhn@sctc.com (david d `zoo’ zuhn)
- 1995-12-02 (Sat, 2 Dec 1995 09:04:44 +0800) - Re: nsa and netscape - futplex@pseudonym.com (Futplex)
- 1995-12-02 (Sat, 2 Dec 1995 15:53:30 +0800) - Re: nsa and netscape - Jeff Weinstein <jsw@netscape.com>