Seth Schoen of the EFF has a good blog entry about Palladium and TCPA
at  He attended Lucky's
presentation at DEF CON and also sat on the TCPA/Palladium panel at
the USENIX Security Symposium.

Seth has a very balanced perspective on these issues compared to most
people in the community.  It makes me proud to be an EFF supporter
(in fact I happen to be wearing my EFF T-shirt right now).

His description of how the Document Revocation List could work is
interesting as well.  Basically you would have to connect to a server
every time you wanted to read a document, in order to download a key
to unlock it.  Then if "someone" decided that the document needed
to un-exist, they would arrange for the server no longer to download
that key, and the document would effectively be deleted, everywhere.

I think this clearly would not be a feature that most people would accept
as an enforced property of their word processor.  You'd be unable to
read things unless you were online, for one thing.  And any document you
were relying on might be yanked away from you with no warning.  Such a
system would be so crippled that if Microsoft really did this for Word,
sales of "vi" would go through the roof.

It reminds me of an even better way for a word processor company to make
money: just scramble all your documents, then demand ONE MILLION DOLLARS
for the keys to decrypt them.  The money must be sent to a numbered
Swiss account, and the software checks with a server to find out when
the money has arrived.  Some of the proposals for what companies will
do with Palladium seem about as plausible as this one.

Seth draws an analogy with Acrobat, where the paying customers are
actually the publishers, the reader being given away for free.  So Adobe
does have incentives to put in a lot of DRM features that let authors
control publication and distribution.

But he doesn't follow his reasoning to its logical conclusion when dealing
with Microsoft Word.  That program is sold to end users - people who
create their own documents for the use of themselves and their associates.
The paying customers of Microsoft Word are exactly the ones who would
be screwed over royally by Seth's scheme.  So if we "follow the money"
as Seth in effect recommends, it becomes even more obvious that Microsoft
would never force Word users to be burdened with a DRL feature.

And furthermore, Seth's scheme doesn't rely on TCPA/Palladium.  At the
risk of aiding the fearmongers, I will explain that TCPA technology
actually allows for a much easier implementation, just as it does in so
many other areas.  There is no need for the server to download a key;
it only has to download an updated DRL, and the Word client software
could be trusted to delete anything that was revoked.  But the point
is, Seth's scheme would work just as well today, without TCPA existing.
As I quoted Ross Anderson saying earlier with regard to "serial number
revocation lists", these features don't need TCPA technology.

So while I have some quibbles with Seth's analysis, on the whole it is
the most balanced that I have seen from someone who has no connection
with the designers (other than my own writing, of course).  A personal
gripe is that he referred to Lucky's "critics", plural, when I feel
all alone out here.  I guess I'll have to start using the royal "we".
But he redeemed himself by taking mild exception to Lucky's slide show,
which is a lot farther than anyone else has been willing to go in public.

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to