Speculations on Espionage-Enabled Encryption
Martin Minow
minow at apple.com
Sun Feb 23 18:14:39 PST 1997
Jim Bell writes:
>
>Has it been established that Microsoft (is only/can only) sign crypto
>add-ons which are approved for export? Since there are no restrictions
>domestically, presumably Microsoft can sign anything it wants. If those
>versions ever manage to "sneak out" of the country, well that's too bad!
>
Here are some speculations based, in part, on my interpretation (repeat,
MY INTERPRETATION) of discussion on code signing at last year's
Java One conference:
-- Only the vendor, physically located in the USA, will sign crypto add-ons.
-- Since the add-ons are physically signed in the USA, the signed
add-on must comply with all export regulations. I.e., no
restriction on domestic use, various export control restrictions
as appropriate to the crypto add-on.
I would presume that the add-on would be distributed public-key
encrypted, and could only be created by the holder of the corresponding
private key (i.e. the operating-system vendor) and, furthermore, could
only be run by an operating system that could decrypt the add-on package.
A vendor could presumably export operating system variants that
could not execute some subset of crypto add-ons because the variant
lacks the ability to decrypt the package.
In the long-term (3-5 years), I wouldn't be suprised to find the
decryption capability moved onto the processor chip, making the
problem of distribution strong crypto more difficult.
Martin Minow
minow at apple.com
More information about the Testlist
mailing list