Usenet Conference on Security
Just a few of the highlights:

(1) Ron Rivest speaking on SDSI
(2) Ian Goldberg et al.'s secure environment for running untrusted programs in Solaris. Since it runs Netscape, it may let Perry provide a second layer of containment for Java.
(3) Carl Ellison's "Establishing Identity Without Certification Authorities"
(4) Peter Gutmann's "Secure Deletion of Data from Magnetic and Solid-State Memory". (Bottom line, use thermite for magnetic media.)
(5) Don Davis's "Compliance Defects in Public Key Cryptography"
(6) Sameer Parekh's description of (advertisement for) Community Connexion
(7) Derek Atkins' description of the PGP Library API.

Other amusements:

While the Department of Justice guy (whose name slips my mind) was saying 4 horsemen over and over (really an oversimplification of his position), Data Fellows Ltd., Paivantaite 8, FIN-02210 ESPOO, Finland (http://www.datafellows.com) was in the vendor area offering strong crypto products with the line in one of their handouts, "This is orders of magnitude more security than DES-based or US products that are under the US ITAR export restrictions." In talking with them I didn't smell any snake oil.

A BOF on PKI with Ron Rivest (who had already described SDSI), where Matt Blaze described PolicyMaker and Carl Ellison described SPKI. All three approaches get away from the central certificate hierarchy God. Each one has something to offer that the others do not. (In a spirit of advertising/disclosure, I have been working with Carl on SPKI.)

-------------------------------------------------------------------------
Bill Frantz       | Cave ab homine unius lebri | Periwinkle -- Consulting
(408)356-8506     | [Beware the man of one     | 16345 Englewood Ave.
frantz@netcom.com | book] - Anonymous Latin    | Los Gatos, CA 95032, USA
Bill Frantz writes:
While the Department of Justice guy (whose name slips my mind) was saying 4 horsemen over and over (really an oversimplification of his position), Data Fellows Ltd., Paivantaite 8, FIN-02210 ESPOO, Finland (http://www.datafellows.com) was in the vendor area offering strong crypto products with the line in one of their handouts, "This is orders of magnitude more security than DES-based or US products that are under the US ITAR export restrictions." In talking with them I didn't smell any snake oil.
As an aside, the stuff Datafellows is selling is, I believe, a commercial version of SSH, which is very good stuff. It's a full replacement for the whole Berkeley "r" utilities using strong crypto (public key and conventional) for authentication and privacy. Does rlogin, rsh, redirects X sessions, slices and dices, etc. Really spiffy.

(SSH suffers from a few minor flaws, but they will likely be corrected in the future; the only thing that worries me about it is that it is very large and thus hard to fully analyse, but it looks good enough that I've been using it day to day for many many months for all my medium security work.)

Perry