Please excuse some questions from a somewhat crypto-naive person, but I'd like to try to understand this thing a little better so I don't make any stupid goofs if I talk about it.

I presume that we can simply consider this 'universal' key as if it didn't exist? Well, actually, I suppose it prevents 'joe average' from getting the serial number, but certainly not foreign agents or any criminal who has motivation to get it(*). After all, a secret known by more than one person will not remain a secret long, and this one is going to be known by thousands. Why even bother with it? It seems like it just adds compute overhead that could be better used for other things.

(* I assume the TLAs get it legally)

The fact that the serial number is effectively in the clear then means that traffic analysis attacks can glean information for anyone who can get at the phone lines, yes? Even if the states were to outlaw caller id, these tapper phones would reintroduce that level of traceability. Even worse, in some ways, since your tapper 'identity' goes with you if you change phone numbers as long as you keep your old phone.

Finally, can anyone explain to me how this thing /works/, at the simple 'this is what you do with this key' level of description of how RSA works? I can't figure out how two phones can communicate with each other without compromising one key or another, since RSA does /not/ seem to be involved in this (there is no public key registry, right?)

Sorry if this is a dumb question . . .

--
david
david@staff.udc.upenn.edu