This came across the SSL mailing list. Anyone know Taher's position on key-escrow?
Oh, come on. One does not have to "support key escrow" to be interested in Fortezza. The Fortezza interface does not have any "escrow-specific" features; it's actually a pretty good crypto API (for which several vendors plan to produce compliant, non-escrowed PCMCIA cards). The Fortezza market (in the government) is also pretty big, by the way, so one can hardly blame any vendor for being interested in in. Disclaimer: I'm also an evil "Fortezza sympathizer". I built a (Tessera, actually) version of CFS last year. I think it's a good interface, and I'd encourage people to build strong, non-escrowed crypto modules (in hardware and in software) that conform to it... -matt