Re: IP: SSL Certificate Monopoly Bears Financial Fruit

2002-07-12 Thread Peter Gutmann

[EMAIL PROTECTED] writes:
On 6 Jul 2002 at 9:33, R. A. Hettinga wrote:
Thawte has now announced a round of major price increases.  New
cert prices appear to have almost doubled, and renewals have
increased more than 50%. While Thawte proclaims this is their
first price increase in five years, this comes at a time when we
should be seeing *increased* competition and *lower* prices for
such virtual products, not such price increases.  But of course,
in an effective monopoly environment, it's your way or the
highway, so this should have been entirely expected.

IE comes preloaded with about 34 root certificate authorities, and it is easy
for the end user to add more, to add more in batches. Anyone can coerce OpenSSL
to generate any certificates he pleases, with some work.

Both Netscape 6 and MSIE 5 contain ~100 built-in, automatically-trusted CA
certs.

 * Certs with 512-bit keys.

 * Certs with 40-year lifetimes.
 
 * Certs from organisations you've never heard of before (Honest Joe's Used
   Cars and Certificates).
   
 * Certs from CAs with unmaintained/moribund websites (404.notfound.com).

These certs are what controls access to your machine (ActiveX, Java,
install-on-demand, etc etc).

 * It takes 600-700 mouse clicks to disable these certs to leave only CAs you
   really trust.

(The above information was taken from A rant about SSL, oder: die grosse
 Sicherheitsillusion by Matthias Bruestle, presented at the KNF-Kongress
 2002).

Why is not someone else issuing certificates?

How many more do you need?

Peter.

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]



Re: Microsoft censors Newsweek - and new version of TCPA FAQ

2002-07-12 Thread R. A. Hettinga


--- begin forwarded text


Status:  U
Date: Wed, 10 Jul 2002 20:15:22 -0700
To: [EMAIL PROTECTED]
From: John Young [EMAIL PROTECTED]
Subject: Re: Microsoft censors Newsweek - and new version of TCPA FAQ
Sender: [EMAIL PROTECTED]

We failed to save a copy of Steven Levy's Palladium article in Newsweek
and online at MSNBC, now withdrawn by MSNBC. We can find no copy
online. Whoever saved a copy: we would like to receive it for publication to
assure its continued availability.

A Microsoft programmer, John DeTreville, named in the alleged
Palladium patent published on Cryptome, has written us
(copy below) to deny the ms-drm-os patent is Palladium -- which
he claims is based on another patent or several of them. We would
appreciate leads on which patent or patents he is referring to.

Thanks.

-

Subject: Correction to cryptome.org
Date: Mon, 8 Jul 2002 17:07:45 -0700
From: John DeTreville [EMAIL PROTECTED]
To: [EMAIL PROTECTED]

Are you a good contact person for the information on the Microsoft
DRM patent (6,330,670) on cryptome.org?

The pages linked from http://cryptome.org/ms-drm-os.htm say that
the authors of this patent (England, DeTreville, and Lampson) were
identified by Newsweek as Palladium programmers.

I can reliably state that I (DeTreville) am not a Palladium programmer,
and neither is Butler Lampson.

I believe that the Newsweek article was referring to a different patent.
I'm sure that the Palladium participants jointly hold a significant number
of important patents in the field of computer security.

Cheers,

John

-

John's message has been added to the file at:

  http://cryptome.org/ms-drm-os.htm

--- end forwarded text


-- 
-
R. A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation http://www.ibuc.com/
44 Farquhar Street, Boston, MA 02131 USA
... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience. -- Edward Gibbon, 'Decline and Fall of the Roman Empire'




Re: IP: SSL Certificate Monopoly Bears Financial Fruit

2002-07-12 Thread Stefan Kelm

 Why is not someone else issuing certificates?
 
 See http://www.securityspace.com/s_survey/sdata/200206/certca.html for
 recent data re SSL certificate market share; Geotrust, at

I sincerely doubt the numbers presented in this so-called
survey. How did they get to a number of only 91,136
secure servers across all domains? There are a huge number
of CAs, many of which offer certificates to the public
(see http://www.pki-page.info/#CA). Even if most CAs will
not have a significant market share those numbers would be
different.

Cheers,

Stefan.
---
Dipl.-Inform. Stefan Kelm
Security Consultant

Secorvo Security Consulting GmbH
Albert-Nestler-Strasse 9, D-76131 Karlsruhe

Tel. +49 721 6105-461, Fax +49 721 6105-455
E-Mail [EMAIL PROTECTED], http://www.secorvo.de
---
PGP Fingerprint 87AE E858 CCBC C3A2 E633 D139 B0D9 212B





Microsoft's Second DRM Patent

2002-07-12 Thread John Young

Cryptome offers Microsoft's second patent on digital rights management, 
invented by the same three persons as the first, Paul England, 
John DeTreville and Butler Lampson:

  http://cryptome.org/ms-drm-os2.htm

This second patent was issued on December 7, 2001, a week before the 
first available here:

  http://cryptome.org/ms-drm-os.htm

John DeTreville wrote on July 8, 2002, that neither he nor Butler
Lampson were Palladium programmers, as distinguished from Paul England
who was cited by Steven Levy in Newsweek as a Palladium programmer.
John referred to another patent underlying Palladium.

Cryptome did a search of the US Patent Office archives for other 
patents by the three inventors and for those assigned to Microsoft from 
1996 to July 9, 2002. Only two patents for digital rights management 
were listed, out of more than 2,000 Microsoft patents for the period:
the two referenced above on Cryptome.

Ross Anderson reported yesterday that MSNBC has pulled the Palladium 
article by Steven Levy, which is now here:

  http://cryptome.org/palladium-sl.htm

See Ross's updated FAQ on TCPA and Palladium: 

  http://www.cl.cam.ac.uk/users/rja14/tcpa-faq.html






Re: Quantum Computing Puts Encrypted Messages at Risk

2002-07-12 Thread Ian Hill

On Mon, Jul 08, 2002 at 04:20:37PM -0400, R. A. Hettinga wrote:
 Given that quantum computers will provide an enormous power boost,
 encryption experts believe that current standards for encryption,
 which are based on computational difficulty, will then fall.  In the
 world of quantum computing and encryption, the question of which will
 come first, quantum computing or quantum encryption, is very
 important.  
 In fact, it is vital.  

  [...]

I don't know enough about quantum computation to comment on this first
section. There are numerous comments that seem wrong to my
understanding, but I shan't make a fuss.

If quantum computing comes first, chaos will reign, since most of
security systems installed by the world's vital institutions, including
banking, commerce and government, have come to depend on current
encryption methods -- which would instantly become archaic.  The boost
in computing power offered by quantum computing would make many of the
encryption security measures now in place obsolete.

Instant chaos? Hardly. The first people to have this technology will be
the NSA/GCHQ types, and university research people. Not Joe Cracker.
You have to ask yourself who you are most worried about - who you think
about when you encrypt your data. Most companies encrypt their data
against their competitors and perhaps crackers. 

 Quantum encryption to the rescue.
 
 Most people assume that the technology -- perhaps due to its cryptic
 name -- is one of those odd, far-out sciences that theorists love to
 love but which will have no practical application in the foreseeable
 future.
 
 Others are betting that quantum encryption will save the day for
 security applications.

 [snip]
 
 Coming Soon
 
 Hammond said that his company, scheduled for a public launch this
 September, will have a commercially available solution in 2003. The
 Somerville, Massachusetts-based company is developing a prototype
 quantum cryptographic device that can be used on telecom fiber and is
 immune to eavesdropping, or so the company claims.
 
 The device is also future-proof because, according to MagiQ
 Technologies, it is invulnerable to advances in algorithms and
 computing technology.

Oh dear God. QKD systems are invulnerable to algorithmic and computation
advances because they are not algorithmic, or based on conventional
computation. QKD is the product of Physics. 

Mathematicians have always been under the delusion that mathematical
proof is absolute. Physicists on the whole realise that their best
theory is their best theory - not absolute truth. No-one has even
proved, even to physics standard, that QKD systems are secure. It is
merely conjectured that we cannot intercept photons and accurately
detect their polarisation without altering the same. 

QKD is hailed as unbreakable encryption. Sure, it will be damn hard to
crack, but not-too-many years ago, the idea that we could factor
thousand bit numbers sounded insane. Quantum theory came about when
Planck and many many others challenged perceived wisdom. How can we be
so sure that one day someone won't figure out how we can defeat the
standard wisdom that says photon polarisation cannot be detected for
the purposes of breaking QKD?  

Now I'm neither a professional cryptographer or professional quantum
physicist, so any of the above could be incorrect. I'd love to be proven
wrong - I fancy the idea of unbreakable encryption as much as the next
man, but surely the way mankind has broken cipher after cipher, and
challenged theorem after theorem should have made people a little
dubious when the word unbreakable is bandied around. Besides, we all
know the devil is in the implementation. Even if QKD is unbreakable on
paper, an engineer is sure to break it ;-)

When I first read The Code Book (Simon Singh), I drooled endlessly at
the idea of Unbreakable Encryption, until I became a little more
cynical. I questioned Dr Singh on this when he came and gave a lecture
in Cheltenham UK recently, and his best answer was that QKD is so secure
because it's a different kind of system. It's not like conventional
encryption. [synopsis - not direct quotation]. I'm not thoroughly
convinced.

Can anyone (politely) prove this mere outsider wrong?


-- 
Ian Hill
[EMAIL PROTECTED]

Unprovided with original learning, unformed in the habits of thinking,
unskilled in the arts of composition, I resolved to write a book.
-- Edward Gibbon




vulnerability in Outlook PGP plugin

2002-07-12 Thread John S. Denker

http://www.eeye.com/html/Research/Advisories/AD20020710.html

This vulnerability can be exploited by the Outlook user simply
selecting a malicious email, the opening of an attachment is 
not required. 
...
[NAI] have released a patch for the latest versions of the PGP
Outlook plug-in to protect systems from this flaw. Users can 
download the patch from:

http://www.nai.com/naicommon/download/upgrade/patches/patch-pgphotfix.asp


=
By TED BRIDIS, Associated Press Writer

 WASHINGTON (AP) - The world's most popular software for scrambling
 sensitive e-mails suffers from a programming flaw that could allow
 hackers to attack a user's computer and, in some circumstances,
 unscramble messages.

 The software, called Pretty Good Privacy, or PGP, is the de facto
 standard for encrypting e-mails and is widely used by corporate and
 government offices, including some FBI ( news - web sites) agents and
 U.S. intelligence agencies. The scrambling technology is so powerful
 that until 1999 the federal government sought to restrict its sale
 out of fears that criminals, terrorists and foreign nations might use
 it.

 The new vulnerability, discovered weeks ago by researchers at eEye
 Digital Security Inc., does not exploit any weakness in the complex
 encrypting formulas used to scramble messages into
 gibberish. Instead, hackers are able to attack a programming flaw in
 an important piece of companion software, called a plug-in, that
 helps users of Microsoft Corp.'s Outlook e-mail program encrypt
 messages with a few mouse clicks.

 Outlook itself has emerged as the world's standard for e-mail
 software, with tens of millions of users inside many of the world's
 largest corporations and government offices. Smaller numbers use the
 Outlook plug-in to scramble their most sensitive messages so that
 only the recipient can read them.

 It's not the number of people using PGP but the fact that they're
 using it because they're trying to safeguard their data, said Marc
 Maiffret, the eEye executive and researcher who discovered the
 problem. Whatever the percentage is, it's very important data.

 Maiffret said there was no evidence anyone had successfully attacked
 users of the encryption software with this technique. He said the
 programming flaw was not totally obvious, even to trained
 researchers examining the software blueprints.

 Network Associates Inc. of Santa Clara, Calif., which until February
 distributed both commercial and free versions of PGP, made available
 on its Web site a free download to fix the software. The company
 announced earlier it was suspending new sales of the software, which
 hasn't been profitable, but moved within weeks to repair the problem
 in existing versions. The company's shares fell 50 cents to $17.70 in
 Tuesday trading on the New York Stock Exchange ( news - web sites).

 Free versions of PGP are widely available on the World Wide Web.

 The flaw allows a hacker to send a specially coded e-mail - which
would appear as a blank message followed by an error warning - and
effectively seize control of the victim's computer. The hacker could
then install spy software to record keystrokes, steal financial
records or copy a person's secret unlocking keys to unscramble their
sensitive e-mails. Other protective technology, such as corporate
firewalls, could make this more difficult.

 You can do whatever you want - execute code, read e-mails, install a
 backdoor, steal their keys. You could intercept all that stuff,
 Maiffret said.

 Experts said the convenience of the plug-ins for popular e-mail
 programs broadened the risk from this latest threat, since encryption
 software is famously cumbersome to use without them. Even the creator
 of PGP, Philip Zimmermann, relies on such a plug-in, although
 Zimmermann uses one that works with Eudora e-mail software and does
 not suffer the same vulnerability as Outlook's.

 A plug-in for Microsoft's Outlook Express - a scaled-down version of
 Outlook - is not affected by the flaw.

 Maiffret said his company immediately deactivated the vulnerable
 software on all its computers, which can be done with nine
 mouse-clicks using Outlook, until it could apply the repairs from
 Network Associates. The decision improved security but makes it kind
 of a pain to send encrypted e-mails, he said.

 Zimmermann, in an interview, said PGP software is used quite
 extensively by U.S. agencies, based on sales when he formerly worked
 at Network Associates. He also said use of the vulnerable companion
 plug-in was widespread. Zimmermann declined to specify which
 U.S. agencies might be at risk, but other experts have described
 trading scrambled e-mails using PGP and Outlook with employees at the
 FBI, the Energy Department and even the super-secret National
 Security Agency.

 In theory, only nonclassified U.S. information would be at risk from
 this flaw. Agencies impose strict rules against transmitting any
 classified 

RE: IP: SSL Certificate Monopoly Bears Financial Fruit

2002-07-12 Thread Peter Gutmann

Lucky Green [EMAIL PROTECTED] writes:

Trusted roots have long been bought and sold on the secondary market as any
other commodity. For surprisingly low amounts, you too can own a trusted root
that comes pre-installed in 95% of all web browsers deployed.

I'd heard stories of collapsed dot-coms' keys being auctioned off, that being
the only thing of value the company had left.  It makes the title of Matthias'
paper even more appropriate.

(However, I do think that anyone wanting to compromise your security will use
 this morning's MSIE hole to do it rather than buying a CA key.  OTOH it'd be a
 great universal skeleton key for government agencies charged with protecting
 the world from equestrians).

Peter.




RE: IP: SSL Certificate Monopoly Bears Financial Fruit

2002-07-12 Thread jamesd

--
On 11 Jul 2002 at 1:22, Lucky Green wrote:
 Trusted roots have long been bought and sold on the secondary
 market as any other commodity. For surprisingly low amounts, you
 too can own a trusted root that comes pre-installed in 95% of
 all web browsers deployed.

 How much, typically?

And who actually owns these numerous trusted roots? 

--digsig
 James A. Donald





Re: IP: SSL Certificate Monopoly Bears Financial Fruit

2002-07-12 Thread RJ Harvey

Thanks for the tip!  I just got a new cert from Geotrust,
and it was such an amazing contrast to those I've gotten
from Verisign and Thawte!  They apparently take the verification
info from the whois data on the site, and you really can do
the process from start to finish in 10 minutes or so.

The cert shows that it's issued by Equifax, however.

rj

At 04:31 PM 7/10/2002 -0700, Greg Broiles wrote:
At 03:48 PM 7/10/2002 -0700, [EMAIL PROTECTED] wrote:
 --
On 6 Jul 2002 at 9:33, R. A. Hettinga wrote:
  Thawte has now announced a round of major price increases.  New
  cert prices appear to have almost doubled, and renewals have
  increased more than 50%.
[...]
Why is not someone else issuing certificates?

See http://www.securityspace.com/s_survey/sdata/200206/certca.html for 
recent data re SSL certificate market share; Geotrust, at 
http://www.geotrust.com, has 11% of the market, and appears (from their 
web pages; I haven't bought one) to be ready to issue SSL server certs 
without the torturous document review process which Verisign invented but 
Thawte managed to make simultaneously more intrusive and less relevant.


--
Greg Broiles -- [EMAIL PROTECTED] -- PGP 0x26E4488c or 0x94245961








RE: IP: SSL Certificate Monopoly Bears Financial Fruit

2002-07-12 Thread Lucky Green

James wrote:
 On 11 Jul 2002 at 1:22, Lucky Green wrote:
  Trusted roots have long been bought and sold on the 
 secondary market 
  as any other commodity. For surprisingly low amounts, you 
 too can own 
  a trusted root that comes pre-installed in 95% of all web browsers 
  deployed.
 
  How much, typically?

I'd rather not state the exact figures. A search of SEC filings may or
may not turn up further details.

 And who actually owns these numerous trusted roots? 

I am not sure I understand the question.

--Lucky





Re: IP: SSL Certificate Monopoly Bears Financial Fruit

2002-07-12 Thread lynn . wheeler


and just to make sure there is a common understanding regarding SSL cert
operation ... the browser code

1) checks that the SSL server cert can be validated by ANY public key that
is in the browser preloaded list (I haven't verified whether they totally
ignore all of the cert part of these preloaded public keys ... things
like expiration date ... that these preloaded public keys are in the
preloaded list appears to be sufficient ... details like the preloaded
public keys happened to be wrappered in these certificate containers is
almost extraneous).

2) validates the signature on the SSL server cert with the corresponding
public key

3) checks if the website domain/host name is the same (or in some cases
similar) to the domain/host name specified in the SSL server cert. I have
noticed that browsers tend to pretty much ignore the contents of these SSL
server certificates ... things like expiration date ... except the public
key, the domain/host name, and the signature (and the signature only has
real meaning within the context of the infrastructure associated with the
public key in the preloaded list with the lowest trust/integrity level;
this is analogous to security weakest link ... a bank vault with a 4ft
thick vault door doesn't do much good if the vault has no walls).

4) uses the public key in the SSL server cert to validate communication
with the server.

all of this happens automagically from most users' standpoint (probably
less than one percent of the population even knows that there is such a
thing as a preload list).



[EMAIL PROTECTED] on 7/10/2002 at 9:12 pm wrote:

Both Netscape 6 and MSIE 5 contain ~100 built-in, automatically-trusted CA
certs.

 * Certs with 512-bit keys.

 * Certs with 40-year lifetimes.

 * Certs from organisations you've never heard of before (Honest Joe's Used
   Cars and Certificates).

 * Certs from CAs with unmaintained/moribund websites (404.notfound.com).

These certs are what controls access to your machine (ActiveX, Java,
install-on-demand, etc etc).

 * It takes 600-700 mouse clicks to disable these certs to leave only CAs
   you really trust.

(The above information was taken from A rant about SSL, oder: die grosse
 Sicherheitsillusion by Matthias Bruestle, presented at the KNF-Kongress
 2002).

Why is not someone else issuing certificates?

How many more do you need?

Peter.


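The four browser steps above, as an added example in Go that is not from the post or from any browser's code: it builds a constructed bank root, a constructed "Honest Joe's" root, and a server cert for the same host under each, then runs the preload-list, signature and host-name checks (steps 1-3) with the standard library's crypto/x509. Every CA and host name in it is invented; a self-signed root cert stands in for "a public key in the preloaded list".

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"math/big"
	"time"
)

// mkCert generates a P-256 key and signs tmpl with parentKey. When parent is
// nil the cert is self-signed, i.e. it stands in for a preloaded root key.
func mkCert(tmpl, parent *x509.Certificate, parentKey *ecdsa.PrivateKey) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	if parent == nil {
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, &key.PublicKey, parentKey)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

func rootTemplate(name string, serial int64) *x509.Certificate {
	return &x509.Certificate{
		SerialNumber:          big.NewInt(serial),
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign,
	}
}

func serverTemplate(host string, serial int64) *x509.Certificate {
	return &x509.Certificate{
		SerialNumber: big.NewInt(serial),
		Subject:      pkix.Name{CommonName: host},
		DNSNames:     []string{host},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth},
	}
}

// browserCheck is steps 1-3 of the post: the server cert must chain to ANY key
// in the preloaded list, the signature must verify under that key, and the host
// being visited must match a name in the cert. Step 4 is the TLS handshake.
func browserCheck(preloaded []*x509.Certificate, server *x509.Certificate, host string) error {
	pool := x509.NewCertPool()
	for _, c := range preloaded {
		pool.AddCert(c)
	}
	_, err := server.Verify(x509.VerifyOptions{Roots: pool, DNSName: host})
	return err
}

// Scenario uses constructed names: a bank's own root, and "Honest Joe's" root
// standing in for one of the ~100 preloaded CAs nobody has heard of.
func Scenario() (bankOK, wrongHostOK, joeOK bool, err error) {
	const bank = "www.example-bank.test" // constructed host name
	bankRoot, bankKey, err := mkCert(rootTemplate("Big Bank Root CA", 1), nil, nil)
	if err != nil {
		return
	}
	joeRoot, joeKey, err := mkCert(rootTemplate("Honest Joe's Used Cars and Certificates", 2), nil, nil)
	if err != nil {
		return
	}
	bankSite, _, err := mkCert(serverTemplate(bank, 3), bankRoot, bankKey)
	if err != nil {
		return
	}
	joeSite, _, err := mkCert(serverTemplate(bank, 4), joeRoot, joeKey)
	if err != nil {
		return
	}
	onlyBank := []*x509.Certificate{bankRoot}
	bankOK = browserCheck(onlyBank, bankSite, bank) == nil                 // genuine cert: passes
	wrongHostOK = browserCheck(onlyBank, bankSite, "www.other.test") == nil // step 3 rejects it
	// Joe's root is preloaded too, so Joe's cert for the bank's host passes
	// every check: the list is only as strong as its weakest root.
	joeOK = browserCheck([]*x509.Certificate{bankRoot, joeRoot}, joeSite, bank) == nil
	return
}
```

Removing Joe's root from the preload list is the only thing that makes the third check fail, which is what the 600-700 mouse clicks in Peter's quoted post are about.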





Re: FC: Politech challenge: Decode Al Qaeda stego-communications!

2002-07-12 Thread Ted Lemon

 I'd really like to know who started this stream of
 web-stego-osama-terrorism articles -- I wouldn't be in the least surprised
 to know that the original source was someone closely affiliated with some
 War on Terrorism people.

I wouldn't be surprised if it was someone trying to sell newspapers.   Not 
all demagogues hold political office, and not all demagogues are motivated 
by a desire to restrict your civil liberties.   Ultimately, there's no 
point in speculating - just do what you think is right.





Re: Quantum Computing Puts Encrypted Messages at Risk

2002-07-12 Thread Ian Hill

On Thu, Jul 11, 2002 at 07:50:30PM +0100, Ian Hill wrote:
 On Mon, Jul 08, 2002 at 04:20:37PM -0400, R. A. Hettinga wrote:
  Given that quantum computers will provide an enormous power boost,
  encryption experts believe that current standards for encryption,
  which are based on computational difficulty, will then fall.  In the
  world of quantum computing and encryption, the question of which will
  come first, quantum computing or quantum encryption, is very
  important.  
  In fact, it is vital.  
 
   [...]
 
 I don't know enough about quantum computation to comment on this first
 section. There are numerous comments that seem wrong to my
 understanding, but I shan't make a fuss.

 [Blah Blah Blah] 

 -- 
 Ian Hill
 [EMAIL PROTECTED]
 
 Unprovided with original learning, unformed in the habits of thinking,
 unskilled in the arts of composition, I resolved to write a book.
   -- Edward Gibbon
 

It has been politely pointed out to me that I overstepped my intentions
with this post. Perhaps you will allow me to clarify myself before the
flames begin :-)

From my reply to Matthew Byng-Maddick:

I can't honestly say I follow the theory to its roots, but from what I
do understand, QKD is 100% secure now (if it is implemented correctly).
Provided that our current thoughts on Quantum Mechanics remain accurate,
then I appreciate this system will be secure.

I appreciate also that this is not like standard cryptanalysis, where
you can just take a copy of the ciphertext and keep bashing at it with a
range of techniques. In this respect this is a whole different scenario
to cracking more standard crypto systems. The point I was attempting to
make, but evidently overstepped slightly whilst writing up, was that I
find it grossly arrogant to say this is it, we have QKD, we can all go
home. One day I am sure someone will come up with a counter-theory
[which allows us to detect polarisation without altering it] which
doesn't fall on its face. Such is the nature of physics.
[ END QUOTE ]


-- 
Ian Hill
[EMAIL PROTECTED]

The absent ones are always at fault.




Palladium: Safe or Security Flaw?

2002-07-12 Thread R. A. Hettinga

http://www.wired.com/news/print/0,1294,53805,00.html



Palladium: Safe or Security Flaw?
By Paul Boutin

2:00 a.m. July 12, 2002 PST

What's Palladium? Depending on who you ask, it's either a catalyst to turn
silicon into gold for the PC industry, or it's the stuff the black
helicopters are made of.

Microsoft's recently announced R&D project, which includes chipmakers Intel
and AMD as partners, aims to combine software and hardware extensions to
traditional PC architecture. Palladium's goal: Move security-conscious
applications out of the server room and back onto the Windows desktop, by
soothing both consumer fears about privacy and corporate concerns over
piracy.

Earlier this week, Palladium architects from Microsoft and AMD provided
Wired News with separate under-the-hood tours of the software and hardware
technology plans behind Palladium's high concept pitch.

The good/bad news: As described, Palladium won't meet most of the
hyperbolic claims being made for it.

At its simplest, Palladium provides a tamper-proof vault for data on the
desktop. One of the areas the PC needs to grow in is its resistance to
certain kinds of attacks, said Geoffrey Strongin, platform security
architect for AMD.

Those attacks include Web-based cracking and viruses, ripping CDs,
modification of application programs, and sniffs of users' passwords and
other personal data, according to Strongin. The constraint on the problem
is the existing PC marketplace, Strongin added. We don't want to throw
out trillions of dollars in infrastructure.

As a result, he said, Palladium was designed as an extension to current PC
hardware and software, one that would allow existing software and hardware
to work as usual, while enabling new applications and hardware that work
with encrypted data inside the PC.

In theory, the Palladium system would be safe from any attacks short of
physically opening the box and tapping into the hardware.

To support Palladium, AMD and Intel are reportedly developing new versions
of the x86 chip, the platform used for Intel's Pentium and AMD's Athlon.
According to Strongin, these chips support a new Trusted execution mode
that allows cryptographically authenticated programs access to a separate
memory area.

The CPU is augmented by a security coprocessor, which holds a unique pair
of crypto keys. The coprocessor is a separate component not for security
but for manufacturing reasons. Unlike today's CPU chips, each coprocessor
must be personalized with a crypto string stored in non-volatile memory ---
more akin to a smartcard than an Athlon.

Strongin suggested smartcard makers may manufacture the coprocessors, which
would then be combined with Intel or AMD CPU chips to create a
Palladium-ready motherboard.

A corresponding software component, called the Trusted operating root (or
just the nub by Microsoft engineers), would work in conjunction with the
CPU and its coprocessor.

Together, the nub and coprocessor are designed to encrypt data in such a
way that no other combination of nub and coprocessor would be able to
decrypt it. Change a single bit of code or move the data to another
computer, and it is unreadable. This is the core of Palladium, according to
Strongin and Peter Biddle, a Microsoft product unit manager leading
Palladium's development.

It's like having Kerberos (cryptographic authentication) between
applications, instead of between computers on the network, Biddle said.
Applications on the PC would be unable to read from or write to one
another's Palladium-protected data. To the rest of the system, that part
of memory is invisible -- it does not exist, Biddle said.

Microsoft plans to publish the source code for the nub, he added, because
the system is secure using crypto algorithms rather than proprietary code.

From this relatively simple device, Microsoft is promising a slew of
Palladium-derived benefits for corporations and consumers alike: virus
protection, control over personal information, even spam blocking. Trusted
agent software running atop the nub and secure processor would, in theory,
control all use of data according to policies set by users, application
makers or content providers.

Try to print a screenshot of a digital movie without digitized permission,
and your printout would show an error message in the window where the image
should be. Forward an e-mail meant for your eyes only, and recipients would
be unable to decrypt it. Forget to pay your music subscription, and your
Palladium-enhanced player will refuse to decrypt the tunes on your hard
drive.

Spam blocking? Well, eventually is how Microsoft describes it.

But while neither Microsoft nor AMD would offer a date when Palladium would
move from engineers' whiteboards to store shelves (Microsoft reps gave
Newsweek a 2004 ship date), privacy advocates and security experts have
already launched an all-out attack on the plan.

Leading the charge is University of Cambridge researcher Ross Anderson, who
claims to have done 

Re: IP: SSL Certificate Monopoly Bears Financial Fruit

2002-07-12 Thread Adam Shostack

On Fri, Jul 12, 2002 at 11:18:12AM -0400, Trei, Peter wrote:
|  I'd rather not state the exact figures. A search of SEC filings may or
|  may not turn up further details.
|  
|   And who actually owns these numerous trusted roots? 
|  
|  I am not sure I understand the question.
|  
|  --Lucky
|  
| I think I do. A 'second hand' root key seems to have some
| trust issues - the thing you are buying is the private half
| of a public key pair  but that's just a piece of information.
| How can you be sure that, as purchaser, you are the *only*
| possessor of the key, and no one else has another copy (the
| seller, for example)?

Who cares?  If I can get a key that's in the main browsers for 90% off,
who cares if other people have it?

I understand that getting the public half of the 2 main browsers will
run you about $250k in fees, plus all the setup work.  If I can buy a
slightly used nCipher box whose public key bits are in the browsers
for a 10th to a 5th of that, the extra copies of the bits aren't all
that worrisome to me.

Adam

-- 
It is seldom that liberty of any kind is lost all at once.
   -Hume


