ietf-822
[Top] [All Lists]

Re: RHijacked Addresses

2002-08-10 05:03:04

In an earlier note, I wrote

This situation is made worse by legal prohibitions on providing plugable 

crypto interfaces. It would be technically easy for S/MIME and other 
application to employ a set of APIs (even better we could standardize 
them) to crypto packages. Sadly, this remains illegal in many countries 
including USA.

I thought that before I get flamed, I need to provide a little bit more 
detail/context.

1. Vendors are not prohibited from supporting plug-ins that access an 
email message on the occurrence of certain events (for example, on 
submission, and when being opened for display), when these plug-ins can be 
shown to have meaningful non-crypto purposes. It is recognized that these 
plug-ins can also be employed to perform crypto processing on outbound and 
inbound messages. Outlook and Notes/Domino plug-ins have been developed by 
third parties to do just this. In general these have not been particularly 
reliable or successful in the market.

2. Microsoft received a dispensation (which others may now have also 
received), which allowed them to provide support for pure crypto plug-ins. 
This dispensation required them to only allow plug-ins to be employed that 
had been approved by the NSA. This restriction is enforced by requiring 
crypto plug-ins to be signed using a special Microsoft key. This signature 
is verified when the plug-in is first called. Though I recently heard (via 
hearsay rather than a reliable source)that the NSA has approved additional 
plug-ins (including possibly one for Germany), for a long time they had 
approved only one. Under this circumstance, there was not much point in 
other vendors following MS' lead.


Nick

Nick Shelness
Independent Technology Consultant
Fellow - Differéntis Ltd.
Advisor - Oak Investment Partners

Contact Details
   Office Tel: +44 (0) 1828 640 632
   Office Fax: +44 (0) 1828 640 647
   Internet email: nick(_at_)old-mill(_dot_)net
   Short message: +44 7753 566460 or page(_at_)old-mill(_dot_)net
   AOL instant messaging: NickShelness
   MSN instant messaging: nh_shelness(_at_)hotmail(_dot_)com
   Yahoo instant messaging: NickShelness
   Snail mail: The Old Mill, Meigle, Perthshire, PH12 8TJ, UK
 

<Prev in Thread] Current Thread [Next in Thread>