From: Rich Graves <llurch@networking.stanford.edu>
To: cypherpunks@toad.com
Message Hash: aef7efce3a14fbc72408a100d94cecd8555f6342ffa5fe4567f32a5c61de2cee
Message ID: <199601220718.XAA12594@Networking.Stanford.EDU>
Reply To: N/A
UTC Datetime: 1996-01-22 07:19:00 UTC
Raw Date: Sun, 21 Jan 96 23:19:00 PST
From: Rich Graves <llurch@networking.stanford.edu>
Date: Sun, 21 Jan 96 23:19:00 PST
To: cypherpunks@toad.com
Subject: Microsoft to digitally certify other manufacturers' code?
Message-ID: <199601220718.XAA12594@Networking.Stanford.EDU>
MIME-Version: 1.0
Content-Type: text/plain
This is old news, but I don't remember it being brought up. This is
interesting in light of recent discussions regarding the CryptoAPI,
the uncertainty of Microsoft's support for Java (it won't be in
Internet Explorer 3.0, but Visual Basic will), and Microsoft's
Internet Developers' conference scheduled for mid-March.
One of a set of press releases on http://www.microsoft.com/internet/
I thought I remembered seeing an announcement of Microsoft's plans
to license Java there before, but it's not there. I know they've
revised press releases without changing the date before (most notably
the October 20th SMB security bug acknowledgement).
> [Microsoft]
> Microsoft Announces Internet Code Safety Initiative
> Microsoft Previews Internet Digital Signature Initiative to 150 ISVs
>
> REDMOND, Wash. - Dec. 7, 1995 -At the Internet Control Developers'
> Workshop on December 6, Microsoft Corporation proposed to the top
> 150 software companies in the world, an Internet digital signature
> initiative which provides a safer environment for executable code on
> the Internet. To address concerns about potentially malicious code
> or viruses, this technology will enable users to verify that a
> program's integrity is free of third-party tampering. Browsers such
> as Microsoft Internet Explorer will be equipped with the ability to
> automatically download applications from a list of vendors approved
> by the user. If the author is not on the user's pre-approved list,
> the browser can display the signature of the executable code and
> allow users to make an informed decision on whether to proceed with
> the download.
>
> Microsoft plans to propose the Internet digital signature
> specifications to the W3 Consortium (W3C) and the Internet
> Engineering Task Force (IETF) as an open Internet standard. The
> technology will be an open, proposed specification available to the
> entire Internet community. In addition, as part of the Open Process
> Design Review, Microsoft will host a digital signature design
> preview in January to solicit feedback from the Internet community.
>
> Ken Wasch, president of the Software Publishers' Association (SPA)
> said "The Software Publisher's Association applauds this important
> initiative. Independent software publishers large and small will
> have greater business opportunities publishing powerful software
> with this mechanism. Users will buy more signed software over the
> Internet because it will be more powerful and users will have
> confidence in the accountability of its creator."
>
> "Digital signatures allow people to interact over the Internet with
> the same confidence that they interact with each other in everyday
> life," said Bob Atkinson, digital signature architect. "A reliable
> accountability mechanism like this allows users to avoid walking
> around in a virtual suit of armor, giving users the flexibility to
> download and run the most powerful and interesting programs without
> undo fear of anonymous computer vandalism."
>
> Founded in 1975, Microsoft (NASDAQ "MSFT") is the worldwide leader
> in software for personal computers. The company offers a wide range
> of products and services for business and personal use, each
> designed with the mission of making it easier and more enjoyable for
> people to take advantage of the full power of personal computing
> every day.
>
> Microsoft is either a registered trademark or trademark of Microsoft
> Corporation in the United States and/ or other countries.
Return to January 1996
Return to “Rich Graves <llurch@networking.stanford.edu>”