On 10/22/02, Franck Martin wrote:
"Here is my preferred solution for Internet security. We
could implement a secure user identity system precisely
like telephone Caller ID. It would be essentially an
Internet ID. All Internet transactions could be based on
it. Anyone who sends me e-mail can be identified. Anything
I send can be traced to me. People wouldn't be forced to
participate, but if they remain anonymous, I might choose
to block them. I certainly wouldn't accept file
attachments from them. I know you hate this idea, but I
think the Internet needs a fingerprint. It does not have
to have personal information, but if you break the law it
can be traced to you. You can choose not to have a
fingerprint, but then your ability to communicate with
others may be limited -- a price many people may choose to
pay. "
If posting this comment on this thread is supposed to imply
that this is an alternative to Palladium, then I would
strongly suggest actually going and reading some of the
Palladium material.
Palladium is ultimately about creating a lockbox for key
data within a system. It really implies almost nothing about
system to system interaction -- it has more to do with how a
distributed application can avoid trusting the OS to store
data and keys.
Which is an admirable goal. I'll have to see the details. I
have some skepticism about how you prevent the OS, which is
the local traffic cop, from pulling off a man-in-the-middle
attack.
You can also make the obvious cheap jokes about Microsoft
leading the way to solve problems of applications developers
that do not trust the Operating System...
But seriously, there are two types of Operating Systems that
distributed applications should not trust: those where you
cannot review the source code, and those where any attacker
can modify the source code.
A lot of this thread has struck me as an attempt to import
the Bush/Cheney foreign policy to the IETF. Microsoft is
evil, therefore everything Microsoft does is evil. Any
statements they make are just part of their evil plan. We
might as well launch the pre-emptive strike right now.
It would make more sense to examine whether any aspect of
this problem is a proper topic for the IETF, and where our
concerns about interoperability would be.
For example, Microsoft's position papers claim that
alternate Nexus implementations will be legal. Will users be
able to enable different Nexus implementations to
interoperate and share keys for sealed storage?
Caitlin Bestler
http://asomi.com/CaitlinBestler/