1996-11-19 - Re: HP announcing some International Cryptography stuff on Monday

Header Data

From: frantz@netcom.com (Bill Frantz)
To: Lucky Green <shamrock@netcom.com>
Message Hash: a061d1e0b62b550eb1370f638af7e1536c9e2cc7c80799c3bc5831371e61862b
Message ID: <199611190631.WAA25180@netcom6.netcom.com>
Reply To: N/A
UTC Datetime: 1996-11-19 06:31:28 UTC
Raw Date: Mon, 18 Nov 1996 22:31:28 -0800 (PST)

Raw message

From: frantz@netcom.com (Bill Frantz)
Date: Mon, 18 Nov 1996 22:31:28 -0800 (PST)
To: Lucky Green <shamrock@netcom.com>
Subject: Re: HP announcing some International Cryptography stuff on Monday
Message-ID: <199611190631.WAA25180@netcom6.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At  6:44 PM 11/17/96 -0800, Lucky Green wrote:
>I have a hard time believing that Netscape caved. As I wrote in July, HP 
>was working on selling our children's birthright to obtain an export 
>license for their product. But Netscape participating in this just 
>doesn't sound right.

I agree about Netscape.  IMHO they started with their hearts in the right
place, but with a naive lack of experience in real-world security.  Since
their hearts are in the right place, and they have good people, they have
improved a LOT in the last year.


>> Since I am inherently optimistic, one ray of light may be that the San Jose
>> Mercury News was mentioning the ability to export the system, and then when
>> the necessary licenses (US and foreign) were obtained, turn on the
>> encryption.  I guess from this that the encryption is in hardware.  Now,
>> software/hardware interfaces are usually fairly simple, so what we have
>> here is a software system with a crypto hook.
>
>One possibility is that all crypto is done in hardware. The recent 
>announcements by many hardware manufacturers that smartcard readers will 
>be included in all their products (MS will put them into their keyboards) 
>might get the necessary infrastructure deployed.

I was assuming that you would interface software crypto where the hardware
crypto goes.  The best way to hack this will depend on the specific
implementation.  (At the same time you are gronking* the software calls to
the hardware, you can gronk the signature checking code.)

* gronk v.t. To hit over the head with a club.  From Johnny Hart's cartoon, B.C.


-------------------------------------------------------------------------
Bill Frantz       | The lottery is a tax on    | Periwinkle -- Consulting
(408)356-8506     | those who can't do math.   | 16345 Englewood Ave.
frantz@netcom.com |       - Who 1st said this? | Los Gatos, CA 95032, USA







Thread