-- Announcing Crypto Kong, Release Candidate Two. http://www.jim.com/jamesd/Kong please test. Crypto Kong, like PGP, provides digital signatures and communications encryption. The important difference between it and other products that provide digital signatures and encryption is that it is not certificate based. Instead it is signature based. This eliminates the steep initial learning and management curves of existing products. The user does not need use and manage specialized certificates except for specialized purposes Perhaps more importantly, it also eliminates the threat we saw in England, the threat of the government giving itself a monopoly in certificate distribution, potentially creating the Number-Of-The-Beast system, where you need a government certificate to log on to dirty picture sites, to buy, to sell, to put up web pages. The big complexity and user hostility in existing products is creating and managing certificates. For those who need contracts and certificates, (and with Kong one almost never needs certificates) Kong handles them in an easy and natural way. See the discussion in the web site in the chapters: Linking digital IDs with paper documents or physical presence and Certificates and contracts This aspect of Kong seems to have been insufficiently tested in the beta tests. The key feature of the proposed product is that any digitally signed document can be stored in the database, and itself performs the functions of a certificate, just as a normal handwritten signature does. The user usually does not need to check a document against a certificate to see if it was signed by the "real" John Doe. Instead he normally checks one document against other documents stored in the database that have the same signature. And similarly when he encrypts a document, he does not need to use a certificate to encrypt a message to the one *real* John Doe, he merely encrypts a message to the *same* John Doe who signed the letter he is replying to. At present people have to deal with certificate management problems regardless of whether they really need certificates. For example the most common usage of PGP is to check that two signatures that purport to be by the same person are in fact by the same person. Unfortunately you cannot check one signature against another directly using PGP or any of the other existing products. Instead you have to check both signatures against a public key certificate, even if the authentication information in that certificate is irrelevant to your purpose, which it usually is, which means that you have to download the certificate from somewhere, and the person signing it had to upload it somewhere. As PGP always checks a document against the certificate, rather than against any other document the user happens to feel is relevant to the question, the person signing the document needs to get his certificate properly signed by some widely trusted third party, which is too much trouble or too complicated for many people. The signatures and contracts in Crypto Kong are optionally tolerant of email munging The web pages contain a new web page "Business Vision" which discusses the widespread failure to adopt cryptography, the widespread reluctance to pay for cryptography, and the illiquidity of various products for transferring money on the net, and proposes a path to a solution. Clearly, PGP has had rather poor penetration for business uses, and by and large, people only need to encrypt or sign stuff when there is money at stake. I believe that this product will be more acceptable for the typical businessman than PGP is, because it is easier to use, and existing business practices translate more readily to the identity model it supports than does the PGP identity model. The web page also contains full source code. Crypto Kong is written in large part as ActiveX component, and the use interface and database management code is written in visual basic. The use of ActiveX should make it easy to quickly code products and web page that perform tasks involving encryption. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG AXOOTHyx0TpTLdyQsBnt7WmaVIo1l4WDGabHKK0Y 4Bxm/YWIEOTOK6zRVH57lP7PENFT5OFN+IR39Fcx8