On 4/14/98, Robert Hettinga blathered on like this:
...Hint 1: Whatsisname Sidhu,
who negotiated the world's first RSA license, and who probably could have invented digital commerce on the internet all by himself if he only knew what he had, already bought and paid for, wasted in a mail and LAN protocol, buried in the bowels of the MacOS...
...Anyway, a more clueful Sidhu, (who, to be fair, couldn't have understood what was coming) could have, with just a little of the right prompting :-), taken some of the money you guys gave to, say, Steve, for instance :-), and bought the blind signature patent at firesale prices from DigiCash ($10 million is chump change, even to Apple, even then, :-)) at last year's greater-fools exchange of ownership at "the world's greatest financial cryptography company" (my name, not theirs)....
Quite amazing to look at all of the innovation that went on at Apple and wonder what could have been. From my perspective, the big mistake with Apple's first implementation of crypto was that it was part of an architecture (yep, PowerTalk). After close encounters with this and other wonderfully "flexible architectures", I've learned (the hard way) that this is one of the best oxymorons in computerdom. Architectures seem like wonderful, grandiose ways to solve a bunch of problems at once, but they usually lead a Titanic-like existence, eventually sinking into the abyss and taking almost everything with it, including products, businesses, reputations - you name it. Well, an amazing thing happened. Just before PowerTalk started taking on serious water, someone managed to throw DigiSign (Apple's digital signature technology based on RSA public keys) into its own life boat; Apple actually built a separate library for DigiSign that didn't require PowerTalk. But, unfortunately, there was leak in this boat, too. You see, the model for DigiSign's certificates was based on a heirarchy and required a certificate authority and all of the requisite infrastructure. No one had really done this yet so Apple had to do more than create DigiSign and put it into the Mac OS - they had to get this infrastructure in place, too. Now, even though Apple had the help of RSA and BBN, there was this even bigger problem of just helping people get it. The best way to help people understand technology is to make it accessible so almost anyone can play with it and use it. This is what Apple is known for - making technology so accessible that people just go nuts, doing things with it and taking it places no one ever dreamed. That's how Apple catalyzed the transformation of the publishing industry. Requiring a CA to make DigiSign work simply made this impossible. A peer to peer model, allowing people to create and sign their own certificates would have been far more appropriate for Apple's creative users. Then came PGP... C 'est la vie! Mark ---- mark@altenberg.com