Re: What is a cypherpunk?

2005-02-06 Thread D. Popkin 
-BEGIN PGP SIGNED MESSAGE-

"Cypherpunks generally distrust the collectivist wisdom ..."

Yes, but Big Brother governments are not the only way such "wisdom"
gets imposed.  Bill Gates came close to imposing it upon all of us,
and if it hadn't been for Richard Stallman and Linus Torvalds, we
might all be suffering under that yoke today.

The genius of Bill Gates is in knowing that most people don't notice
or care that to agree to a EULA is to make a vow of ignorance, and not
being ashamed to stoop to their level.

The true danger of TCPA is not that "free" MP3s and movies will become
unavailable, but the de facto loss of privacy as non-TCPA gear becomes
unavailable or prohibitively expensive.

D. Popkin

-BEGIN PGP SIGNATURE-
Version: 2.6.3ia
Charset: noconv

iQBVAwUBQgaySPPsjZpmLV0BAQHEhwIAiv9N+F0GSYVB7xXE3Vftiyxgi7PYqNNP
FnAN/nh1CdoLKG0lymhGEOGW8ZAZsKRAzv5FZSal7QUSWRzzZ8qo4w==
=jsCx
-END PGP SIGNATURE-

Re: Finally, the Killer PKI Application

2004-12-29 Thread D. Popkin 
-BEGIN PGP SIGNED MESSAGE-

"R.A. Hettinga" <[EMAIL PROTECTED]> writes:

> <http://sys-con.com/story/print.cfm?storyid=47592>

>  But SSL's greatest weakness is that it is oriented toward synchronous
> transactions, requiring a direct connection between participants.

Yep.  Makes it difficult to thwart traffic analysis.

>  Security in the Message
> The solution to this problem, as put forth in standards by OASIS and
> the W3C, is to absorb security into the message itself.  That is,
> provide a means of authentication, integrity, and confidentiality
> that is integral to the message, and completely decoupled from
> transport channels.

... the way encrypted email has always been.

>  The Trend Away from Channel-Level Security

> ... Furthermore, everyone is building systems predicated to have key
> pairs on both sides of a transaction: at the message producer
> (client), and the message consumer (server).

> ... SSL is sufficient for Web-like, client/server application, but
> large enterprise computing is built on asynchronous messaging;

This is welcome news also for pseudonymous p2p commerce.

> So PKI is back.

Maybe a work-around can be devised.

> Scott Morrison

D. Popkin


-BEGIN PGP SIGNATURE-
Version: 2.6.3ia
Charset: noconv

iQBVAwUBQdDl3PPsjZpmLV0BAQGyVAIAu5Zc+PFv8CuKkzFv3hmnkIlZ/bXVmMNQ
zg2o1rG/4omH5RFn9B4VXJsCxespviw+Ysnpa31XgQ8f9LdxYCIz4w==
=MbdB
-END PGP SIGNATURE-