Could someone please remind me what it is we're mad at Netscape about? As far as I can tell it's some combination of the following offenses: (a) - Jim Clark made a speech in which he revealed that he thought the government would be a player in determining the way cryptography ends up being deployed on the Internet. He was quoted in the trade press, but it was unclear exactly which words were actually his. Asked to clarify, he said that Netscape would implement mandatory government access across its product line only if required to by law, but he observed that things seem to be moving in that direction. I share his pessimism, unfortunately, unless we find a way to shift the winds. (b) Netscape contracted with the government to produce a ``Fortezza'' version of their browser for government use. They negotiated to get a lot of money for this (maybe something like $5 million). Good for them. Personally, I *like* the Fortezza interface; the API seems to provide a good abstraction for hardware and software crypto, it's easy to replace the module with something else (like software 3DES with no key escrow), and it's easy to defeat the key escrow features. Of course, maybe I'm just defending them out of guilty self-interest here, since I've played around with the Fortezza interface quite a bit myself, although they never sent me my $5 million. (c) No one from Netscape attended Bernstein hearing. I wish someone had let me know beforehand that that was to be the litmus test for the right to claim cryptographic correctness, or I would have flown right out. I guess I blew it, too. (d) Their stock price is very high, many times greater than their profits and physical assets would seem to justify. I'm not sure I understand the implication here. Maybe that this is proof that in exchange for selling out (by committing sins (a), (b) and (c), above), the secret NSA stock-price-manipulation cabal rigged the market to overvalue their stock? Wow. Don't get me wrong here; it may be useful to make clear that the market (to the extent that any of us can claim to represent any market they would be interested in) won't tolerate vendors who put the government's desires ahead of their customer's security needs. But I have yet to see any actual evidence that that's what's happened here, and I'd hate to see Netscape loose a lot of good people who could go a long way toward deploying real security on the net over something that turns out to have been a false alarm. Disclaimer: I'm employed full time by a soon-to-be-tri-vested major player in the military industrial complex, and us sellouts like to stick together. -matt