This is somewhat tacky. SecureDNS exists, and TIS got export approval a while back to publish a "bones" version, minus encryption routines. John Gilmore and his lawyer decided that, since it only does authentication, not message encryption, it should be ok to publish _with_ the crypto algorithms, and it's been quietly sitting on his web pages. Recently the Feds sent him a letter saying "Oh, no, we didn't mean it was OK to publish/export this encryption-based authentication system just because the law says you can, so stop it".... Now they're paying for another version. Are they going to try something DSS-based instead of RSA, just so you don't need encryption-capable crypto with it, or is this going to be another scam? Or is it just different parts of the Feds not talking to each other? At 08:57 AM 8/28/98 -0400, Robert Hettinga wrote:
At 1:57 PM -0400 on 8/27/98, Edupage Editors wrote:
DARPA LEADS FIGHT AGAINST DOMAIN-NAME HACKERS The Defense Advanced Research Projects Agency (DARPA) has awarded a $1.4 million contract to Network Associates to develop a cryptographic authentication system for the Internet's domain-address system. The new system will enable the Net's routing points to verify the origin of any given Web page, preventing hackers from corrupting Web page caches or rerouting domain traffic altogether. It will not, however, prevent hackers from breaking into individual Web servers and changing pages. "That's not part of this particular approach," says the director of Network Associates' TIS Labs. The company is working with the Internet Software Consortium, which will distribute the security system to Unix vendors when it becomes commercially available. Beta versions are expected to be ready in about six months, with a final product on the market in about 18 months. (TechWeb 26 Aug 98)
Thanks! Bill Bill Stewart, bill.stewart@pobox.com PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639