This is in response to recent comments on Arcot's WebFort from Peter Gutmann and Marcus Leech. For some of my clients in Sweden, I have had reason to look into WebFort during the past 12 months. Here are some of my conclusions:

The referred paper "Software smart cards via cryptographic camouflage" discusses in general the concept of private key camouflage but isn't precise about how Arcot's product WebFort has implemented it. This may be a reason for some misunderstandings about WebFort.

First, the public key of the certificate holder is never known to him. It is stored in a private extension (no secret structure) encrypted by a key known only to the relying party and the issuing CA (on the WebFort market segment these two are often the same party). As a consequence the public key can never be used to encrypt, not even unintentionally. Hence no security hole there, as far as I can see.

Secondly, how public a public key should be I think is up to the certificate holder. The less publicized it is the less true the Certificate Holder perhaps is to the original idea of PKI -- stressing the last letter. OK, one could say that WebFort is based on Public Key Technology in a way so it can build on PKI products, foremost commonly available crypto libraries and CA systems.

Peter questions the usability of WebFort. I have found it to fit right into the need for large websites to authenticate their users (after they have become members). In user tests WebFort has proved to be intuitively easy to use and understand. The GUI is either a virtual ATM or userid plus password. Both are well known to most people. Concepts like PKI, certificate, CA and trust need not be presented to users, which they definitely appreciate (we compared with standard browsers).

The major drawback of WebFort is that it doesn't work in an open domain such as Internet e-mail. Period. Some companies rather appreciate the fact that certificates paid for by them and given to their customers can't be used by a competitor in any way.

Peter, you say that WebFort isn't snake oil, but is full of security holes. That's contradictory. I have looked for holes and by and large found the same ones as for other "soft" solutions, namely malware such as Back Orifice. Which have you found?

Marcus, the PIN used to encrypt the private key may be determined either by the user or the issuer according to the policy of the certificate. Even the PIN length and number of retries can be set, as well as a number of other security factors. Security people in my country that have looked at WebFort like the fact that they can set and enforce a security policy for the certificate holder. Compare that to the capabilities of a standard browser.

-- 
Arne Nilsson, Abstracon
tel. +46 (0)31 823424
mobile +46 (0)707 705244
[EMAIL PROTECTED]
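The two design points the post leans on (the private key is camouflaged under a PIN, and the public key is withheld from the key holder, with retries enforced by the issuer's policy) fit together in a way that is easier to see in code. The following is an added illustration, not code from the post, from the cited paper or from Arcot's product; the group (Z_p* with p = 2^127 - 1, generator 3, 64-bit private scalars), the HMAC-based keystream, the `PRIVKEY1` header, the salt, the PIN `4711` and the private key value are all constructed for the example. It contrasts a conventional PIN-encrypted key file, whose recognisable plaintext lets a wrong PIN be detected offline, with a camouflaged file where every PIN yields a well-formed key, then shows that publishing the public key would restore the offline check, leaving the relying party's retry limit as the only remaining oracle.

```python
import hashlib
import hmac
import secrets

# Toy public-key group, an assumption of this example and not Arcot's
# parameters: Z_p* with p = 2^127 - 1 and generator g = 3.  A private key d
# is a 64-bit integer; the public key is Q = g^d mod p.
P = (1 << 127) - 1
G = 3
KEY_BYTES = 8


def keystream(pin: str, salt: bytes, n: int) -> bytes:
    """PIN-derived keystream (constructed: HMAC-SHA256 in counter mode)."""
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(pin.encode(), salt + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


# Scheme 1: conventional PIN-encrypted key file.  The plaintext starts with a
# recognisable header, so a wrong PIN is detectable from the file alone: that
# is the offline oracle a stolen key file hands to a PIN-guessing attacker.
HEADER = b"PRIVKEY1"


def plain_wrap(d: int, pin: str, salt: bytes) -> bytes:
    pt = HEADER + d.to_bytes(KEY_BYTES, "big")
    return xor(pt, keystream(pin, salt, len(pt)))


def plain_unwrap(blob: bytes, pin: str, salt: bytes):
    pt = xor(blob, keystream(pin, salt, len(blob)))
    if pt[: len(HEADER)] != HEADER:
        return None  # header mismatch reveals "wrong PIN" offline
    return int.from_bytes(pt[len(HEADER):], "big")


# Scheme 2: camouflaged key.  Only the raw scalar is masked, so every PIN
# decrypts to a well-formed private key and the file itself carries no oracle.
def camo_wrap(d: int, pin: str, salt: bytes) -> bytes:
    return xor(d.to_bytes(KEY_BYTES, "big"), keystream(pin, salt, KEY_BYTES))


def camo_unwrap(blob: bytes, pin: str, salt: bytes) -> int:
    return int.from_bytes(xor(blob, keystream(pin, salt, KEY_BYTES)), "big")


def public_key(d: int) -> int:
    return pow(G, d, P)


def offline_survivors(blob, salt, unwrap, pins):
    """PINs that cannot be ruled out by someone holding only the key file."""
    return [pin for pin in pins if unwrap(blob, pin, salt) is not None]


def survivors_with_public_key(blob, salt, pins, q):
    """The same search once Q is known: g^d == Q is an offline oracle again,
    which is why the camouflaged design must keep Q away from the key file."""
    return [pin for pin in pins if public_key(camo_unwrap(blob, pin, salt)) == q]


class RelyingParty:
    """Server side.  Holds Q, checks possession of d with a DH-style challenge
    (c = g^r; expected response c^d == Q^r) and enforces the retry policy,
    which is the only oracle the camouflaged design leaves standing."""

    def __init__(self, q: int, max_retries: int = 3):
        self.q, self.max_retries, self.failures, self.locked = q, max_retries, 0, False

    def authenticate(self, blob: bytes, salt: bytes, pin: str) -> bool:
        if self.locked:
            return False
        r = secrets.randbelow(P - 2) + 1                          # fresh server nonce
        challenge = pow(G, r, P)
        response = pow(challenge, camo_unwrap(blob, pin, salt), P)  # computed on the client
        ok = response == pow(self.q, r, P)
        self.failures = 0 if ok else self.failures + 1
        self.locked = self.failures >= self.max_retries
        return ok


def demo():
    salt, d, pin = b"constructed-salt", 0x0123456789ABCDEF, "4711"  # constructed values
    pins = [f"{i:04d}" for i in range(10000)]                        # full 4-digit PIN space
    camo_blob = camo_wrap(d, pin, salt)
    rp = RelyingParty(public_key(d))
    online = [rp.authenticate(camo_blob, salt, p) for p in ("0000", "1234", "9999", pin)]
    return {
        "plain_file_survivors": len(offline_survivors(plain_wrap(d, pin, salt), salt, plain_unwrap, pins)),
        "camouflaged_file_survivors": len(offline_survivors(camo_blob, salt, camo_unwrap, pins)),
        "camouflaged_plus_public_key": survivors_with_public_key(camo_blob, salt, pins, public_key(d)),
        "online_after_lockout": online,
    }


if __name__ == "__main__":
    print(demo())
```

Running `demo()` shows the conventional file narrowing the 4-digit PIN space to the single correct PIN offline, the camouflaged file leaving all 10,000 PINs equally plausible, the same camouflaged file collapsing back to one PIN as soon as the public key is available, and the relying party refusing even the correct PIN once three wrong guesses have tripped the retry limit. That last point is the one the post makes about issuer-enforced PIN policy: with no offline oracle, the retry counter is what bounds guessing.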