Jonathan Zamick writes:
This discussion was based on a group of people getting together to create a new easy to use package for handling keys and such. The government is going to try to take a dominant stance, and mandate elements of it.
So we can ignore tem. Big deal. They have no laws with which to enforce their desires.
However, it is possible, even in an antagonistic relationship, to develop positive feedback.
Who cares? An hour spent talking to an idiot from Washington is better spent writing good code unless there is a law pending in congress, in which case you are probably better off paying someone who knows what they are doing to do the talking for you.
Returning to the original topic though, do we want to get a smaller list together to spec out some ideas for the project that was discussed? A simple, transparent, tool which would allow people to use strong encryption without having to think about it?
You mean, like IPSEC/Photuris? I'll be running IPSEC (but sadly not Photuris, although I'll be trying to port Aggelos Keromytis' version at some point) on my laptop at the IETF meeting in Dallas (provided that I can buy a laptop in time.) There are three things we are currently missing in the architecture, IMHO. 1) We need a certificate system to replace X.509 and that plays nicely with distributed databases. 2) We need to implement the Eastlake/Kaufman method for embedding certificates in the DNS or something similar. 3) We need a good entity naming model. Given all those being implemented, sometime soon I can see people telnetting or ftping hither and thither without ever noticing or caring that their sessions are completely encrypted. We also have the following need: 4) A good MIME mailer (that looks like NeXT Mail or something like it) which has hooks for something MOSSlike that uses the same certificate infrastructure described in 1-3 above. 5) SHTTP capable browsers that also use 1-3 listed above. .pm