From: Adam Shostack <adam@homeport.org>
Date: Thu, 19 Sep 1996 01:56:40 +0800
To: shamrock@netcom.com (Lucky Green)
Subject: Re: The GAK Momentum is Building...
In-Reply-To: <Pine.3.89.9609180033.A7300-0100000@netcom22>
Message-ID: <199609181448.JAA01172@homeport.org>
MIME-Version: 1.0
Content-Type: text


Lucky Green wrote:

| On Wed, 18 Sep 1996, Steve Schear wrote:
| > It seems that in order for this to work Net consumers must be
| > convinced/coerced into accepting the GAK security features.  What if, due
| > to a grassroots uprising, Neters refuse to use products which require GAK
| > or Net services which will only operate via GAK?  Isn't there an great
| > opportunity being created for S/Wan, Apache and its ilk and third-party
| > (especially off-shore, non-COCOM, produced) security plug-ins?
| 
| Simple. Incentivize sites/server/payment system manufacturers to require 
| certs from their users. This is already underway. See SET. Then make sure 
| that the certs/keys are GAK'ed. Yes, I know there is a difference between 
| certs and keys. Joe User doesn't. Neither does the media. It is a two step 
| process.

	The problem with GAK in financial systems is that it makes
your non-repudiation repudiable.  It also opens you to the CIA using
your bank to finance a revolution in Central America.  Think of it as
a revolutionary tax. ;)

Adam


-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume