From donald@ramsbottom.co.uk Tue, 01 Feb 2000 08:29:19 +0000 Date: Tue, 01 Feb 2000 08:29:19 +0000 From: Donald Ramsbottom donald@ramsbottom.co.uk Subject: "Enigma" meets "Titanic" - Hollywood does Cryptography again... At 19:33 31/01/00 GMT, you wrote: > >This is probably a bit *TOO* far off-topic to discuss on the list, >but I thought some people might like the pointer: > > http://www.u-571.com/ > > From the creators of the hit > thriller Breakdown comes > Universal Pictures? U-571, a > white-knuckle World War II > suspense drama about a > American submarine crew?s > battle against time-and their > own fears-while carrying out > a daring mission to capture a > top-secret encrypting device > from a Nazi U-boat. > saw this some months ago (reported), there was an interview with the midshipman (RN) (sorry name escapes me this morning) who was quite sanguine about the fact it was a USN Corvette rather than a RN one, and that he had changed Nationality. He was apparently a technical advisor, and was told the only way the "story" would be told by Hollywood, was if it were undertaken by Americans. So now we know how history is to recorded in the future, very Henry VII and Richard III. It would also appear from the above press release that the USN had "Hunter Killer" class subs in WWII !! Its a bit like a French History book I once read on the Napoleonic wars which got through the whole thing without mentioning a little affair 18 miles south of Brussels in June 1815! Ah well c'est la Guerre, c'est la vie. Donald Ramsbottom LL.B, BA (Hons). RAMSBOTTOM & Co. Solicitors Internet Law & Global Cryptology Law Specialists From davidh@spidacom.co.uk Tue, 1 Feb 2000 09:10:36 -0000 Date: Tue, 1 Feb 2000 09:10:36 -0000 From: David Hansen davidh@spidacom.co.uk Subject: Electronic voting - Tomorrows World item On 30 Jan 00, at 17:24, Nigel Hickson wrote: > So civil servants are just "duff" advisers and MPs just "generalists" Something of an interpretation of my message that I don't think helps a serious discussion. I did not make a personal attack on anyone. One of the examples I gave came from the NHS which is semi-detached from the civil service. I could have added that senior civil servants tend to be keen to describe themselves as generalists, which most of them are. It remains a fact that there has been duff advice, two examples being the non-encryption of the NHS network and key escrow. That does not mean that duff advice comes from duff advisors. Life is far too complicated for that sort of assumption. The decision makers may ignore the advice, there may be dubious and sinister people lurking in the background who do not want to see the light of day (a feature of the encryption debate), the organisation within which the advisor works may be inefficient or have its own agenda. All sorts of things may make the advice of even a very good advisor duff. However the advice remains duff, as in the two examples I have given. > No hope for any of us then. There is plenty of hope, provided individuals and organisations are grown up enough to recognise what has gone wrong in the past and resolve to do better in the future. My thoughts on the Chinese are a bit off topic. I will only say that I found it absolutely disgusting when the police in the UK made Chinese leaders feel at home by treating demonstrating dissidents in the sort of way that they are treated in China. People may infer my views on China from this. David Hansen | davidh@spidacom.co.uk | PGP email preferred Edinburgh | CI$ number 100024,3247 | key number F566DA0E From MBacon@snci.co.uk Tue, 1 Feb 2000 09:26:17 -0000 Date: Tue, 1 Feb 2000 09:26:17 -0000 From: Michael Bacon MBacon@snci.co.uk Subject: Electronic voting - Tomorrows World item > -----Original Message----- > From: David Hansen [mailto:davidh@spidacom.co.uk] > Sent: 01 February 2000 09:11 > > On 30 Jan 00, at 17:24, Nigel Hickson wrote: > > > So civil servants are just "duff" advisers and MPs just > "generalists" > > Something of an interpretation of my message that I don't > think helps a > serious discussion. [snip] > I could have added that senior civil servants > tend to be > keen to describe themselves as generalists, which most of > them are. [snip] Will the seeming intention to sack senior civil servants and appoint government 'cronies' in their stead improve the position, or otherwise? If 'specialists' are appointed it would seem likely - given the comments on this topic; otherwise : otherwise. Now ... Brian or Ross to head up crypto/e-commerce policy unit? Michael (Streaky) Bacon ____ ~(____)> " " The views expressed herein are my own and do not necessarily reflect those of my employer From davidh@spidacom.co.uk Tue, 1 Feb 2000 10:17:31 -0000 Date: Tue, 1 Feb 2000 10:17:31 -0000 From: David Hansen davidh@spidacom.co.uk Subject: Electronic voting - Tomorrows World item On 31 Jan 00, at 9:30, Michael Bacon wrote: > > Our 'masters' are essentially generalists. It's only in the House of > > Lords where one tends to find someone who knows a lot about a subject. > > Even with our 'reformed' HoL? I would have agreed before, but now ... The people who know a lot about a subject tend to be the Life Peers. David Hansen | davidh@spidacom.co.uk | PGP email preferred Edinburgh | CI$ number 100024,3247 | key number F566DA0E From brian.gladman@btinternet.com Tue, 1 Feb 2000 12:57:15 -0000 Date: Tue, 1 Feb 2000 12:57:15 -0000 From: Brian Gladman brian.gladman@btinternet.com Subject: Consultation on Security I apologise if people are already aware of this but Alan Burkett-Grey kindly sent me a note about the consultation on security that has been announced here: http://www.iagchampions.gov.uk/whatsnew.htm SInce neither Alan nor I can recall this being mentioned on this list we thought it would be worth making a posting in case others have missed this. The deadline for input is this Friday! Brian Gladman From ben@algroup.co.uk Tue, 01 Feb 2000 13:56:42 +0000 Date: Tue, 01 Feb 2000 13:56:42 +0000 From: Ben Laurie ben@algroup.co.uk Subject: Consultation on Security Brian Gladman wrote: > > I apologise if people are already aware of this but Alan Burkett-Grey kindly > sent me a note about the consultation on security that has been announced > here: > > http://www.iagchampions.gov.uk/whatsnew.htm > > SInce neither Alan nor I can recall this being mentioned on this list we > thought it would be worth making a posting in case others have missed this. > > The deadline for input is this Friday! I'm sorry? We're supposed to pay their blasted taxes _and_ give them free security consultancy? What planet are they on? BTW, why are they measuring document sizes in kelvin-bits? More hot air, I guess. :-) Cheers, Ben. -- SECURE HOSTING AT THE BUNKER! http://www.thebunker.net/hosting.htm http://www.apache-ssl.org/ben.html Y19100 no-prize winner! http://www.ntk.net/index.cgi?back=2000/now0121.txt From davidh@spidacom.co.uk Tue, 1 Feb 2000 15:53:06 -0000 Date: Tue, 1 Feb 2000 15:53:06 -0000 From: David Hansen davidh@spidacom.co.uk Subject: Electronic voting - Tomorrows World item On 1 Feb 00, at 9:26, Michael Bacon wrote: > Will the seeming intention to sack senior civil servants and appoint > government 'cronies' in their stead improve the position, or otherwise? We would have to decide whether Brian or Ross are among Tony's Cronies:-) Actually there is nothing wrong with bringing people into senior civil service positions from outside the service, provided the job is advertised and people inside and outside get a chance. My impression is that this is the case currently, as it has been under other conservative governments. Special advisors are a different matter. The aim of these seems to be so the party politician can surround themselves with people who will tell them what they want to hear. These posts are not advertised. David Hansen | davidh@spidacom.co.uk | PGP email preferred Edinburgh | CI$ number 100024,3247 | key number F566DA0E From davidh@spidacom.co.uk Tue, 1 Feb 2000 15:53:06 -0000 Date: Tue, 1 Feb 2000 15:53:06 -0000 From: David Hansen davidh@spidacom.co.uk Subject: Electronic voting - Tomorrows World item On 31 Jan 00, at 10:06, Brian Gladman wrote: > I think it is rather unfair to blame just one party to the > process when it is the process as a whole that is at fault. I'm not sure that I did blame just one party. If I did then that would be I venture party politicians which I criticised for knowing less and less about anything and instead becoming machines. > I agree with some of this analysis but I do not think that the advisors > always get it wrong. No, but many will recall the paper on the NHS. This claimed that it was only now technically possible to install encryption on the NHS network. Given that teleprinter networks were encrypted in the early 1940s this claim is, to be very generous, slightly at variance with reality. I'm not suggesting that devices with pin wheels should be attached to every computer in the NHS and set every day, but it was technically possible to encrypt the NHS network before such a beast existed. > My experience has often been that the > 'generalists' get it wrong, not because they have been badly advised > (although I am sure this sometimes happens), but rather because they do > not have the knowledge needed to understand the advice they are > receiving. They can also lack the knowledge to ask the specialist the right question in the first place. The specialist then goes away and solves the question they think they were asked. > The consequence is > that bad advice is often adopted even though good advice has also been > provided because the receiver has not the slightest idea how to tell > what is good from what is bad. This is a feature of many government decisions. > it might encourage 'ordinary' > people to seek involvement in policy formulation processes and we can't > have that. I think that is a war that has been lost. The cosy relationships of the past are being slowly exposed to the light of day. The road lobby, Shell over the Brent Spar, BP in Nigeria, Monsanto and GM foods are examples where government and big business went on in its own cost little clique without bothering about anybody else. I'll add that that is essentially what Shell says about the Brent Spar in their aftermath documents. > It is the 'system' that is wrong and its quite unfair to blame those > 'indians' who are caught up in it for its failings. That is what I was trying to get at, but on the other hand it is quite unfair for 'indians' to get away with the "it's nothing to do with me mister" defence of claiming that all faults are those of the system. > But this list, and > organisations like the Foundation for Information Policy Research > (FIPR), show that things can be changed if people are willing to get > involved. I agree. I enjoy reading it and making the occasional contribution. David Hansen | davidh@spidacom.co.uk | PGP email preferred Edinburgh | CI$ number 100024,3247 | key number F566DA0E From arj@burntwood.net Wed, 02 Feb 2000 11:01:17 +0000 Date: Wed, 02 Feb 2000 11:01:17 +0000 From: Adrian Ridley-Jones arj@burntwood.net Subject: Electronic voting - Tomorrows World item What an excellent idea. Either of these two august gentlemen could do an excellent job even with their eyes closed..... certainlly far better than the current incumbents and sick sham of a government behind them. Clearly an idea that has no hope of flying !!! Regards Adrian >government 'cronies' in their stead improve the position, or otherwise? If >'specialists' are appointed it would seem likely - given the comments on >this topic; otherwise : otherwise. Now ... Brian or Ross to head up >crypto/e-commerce policy unit? > >Michael (Streaky) Bacon > ____ >~(____)> From arj@burntwood.net Wed, 02 Feb 2000 11:01:17 +0000 Date: Wed, 02 Feb 2000 11:01:17 +0000 From: Adrian Ridley-Jones arj@burntwood.net Subject: Electronic voting - Tomorrows World item What an excellent idea. Either of these two august gentlemen could do an excellent job even with their eyes closed..... certainlly far better than the current incumbents and sick sham of a government behind them. Clearly an idea that has no hope of flying !!! Regards Adrian >government 'cronies' in their stead improve the position, or otherwise? If >'specialists' are appointed it would seem likely - given the comments on >this topic; otherwise : otherwise. Now ... Brian or Ross to head up >crypto/e-commerce policy unit? > >Michael (Streaky) Bacon > ____ >~(____)> From rupesh.jain@cdac.ernet.in Thu, 3 Feb 2000 16:09:03 +0530 (IST) Date: Thu, 3 Feb 2000 16:09:03 +0530 (IST) From: Rupesh Sureshchandra Jain rupesh.jain@cdac.ernet.in Subject: how to use pgp for trust cases Hi Pgp user's guide does't give much information how to use pgp for certification & trust cases of signatures and there commands.Please anyone knowing help me out? Rupesh From rupesh.jain@cdac.ernet.in Thu, 3 Feb 2000 16:11:38 +0530 (IST) Date: Thu, 3 Feb 2000 16:11:38 +0530 (IST) From: Rupesh Sureshchandra Jain rupesh.jain@cdac.ernet.in Subject: how to use pgp for email Hi Can anyone give me commands for using pgp with mail clinet software like pine. Rupesh From whgu0007@ermine.ox.ac.uk Thu, 3 Feb 2000 10:54:13 +0000 (GMT) Date: Thu, 3 Feb 2000 10:54:13 +0000 (GMT) From: Ian Goodyer whgu0007@ermine.ox.ac.uk Subject: how to use pgp for email On Thu, 3 Feb 2000, Rupesh Sureshchandra Jain wrote: > Hi > Can anyone give me commands for using pgp with mail clinet software like > pine. > Rupesh Just a quick reminder that this list is set up to discuss cryptography policy and law. There are dozens of lists and newsgroups that talk about how to use PGP. Please reply to Rupesh off list so that this list stays 'a little bit different'. Thanks, Ian. UKCrypto owner From nick.battle@icl.com Thu, 03 Feb 2000 10:53:04 +0000 Date: Thu, 03 Feb 2000 10:53:04 +0000 From: Nick Battle nick.battle@icl.com Subject: how to use pgp for email Rupesh Sureshchandra Jain wrote: > Can anyone give me commands for using pgp with mail clinet software > like pine. May I recommend the PGP users mail list? (http://pgp.rivertown.net/). That list is better for a detailed discussion of the use of PGP's options. Cheers, -nick From DHowe@Hawkswing.Demon.Co.Uk Thu, 3 Feb 2000 19:21:39 -0000 Date: Thu, 3 Feb 2000 19:21:39 -0000 From: David Howe DHowe@Hawkswing.Demon.Co.Uk Subject: Fw: Thawte and Verisign - Important Announcement Thought some of those on the list might be interested in this announcement.... ---------- > From: Mark Shuttleworth > To: DHowe@Hawkswing.demon.co.uk > Subject: Thawte and Verisign - Important Announcement > Date: 03 February 2000 05:10 PM > > February 1, 2000 > > Dear Thawte Customers and Future Customers: > > In December, VeriSign and Thawte announced their intentions > to join forces. We hope this letter addresses any questions > you may have about what this will mean for you. > > Please be assured that none of the things you love most about > Thawte will change after the acquisition. This includes: > > - Low prices for SSL Server and Personal Certificates > - The people you have dealt with at Thawte > - Our commitment to innovation > > VeriSign and Thawte are committed to providing a low entry > price for sites that wish to conduct secure e-commerce using > SSL. In fact, we guarantee that Thawte SSL Server Certificates > will continue to be available to both existing and new customers > for $125 (or less!) at least through February 1, 2001. This > is a firm offer which you can take advantage of at any time > during this period. You can print out this page and save it > as proof of our guarantee. > > Furthermore, existing Thawte customers will be entitled to > receive substantial discounts if they choose to take advantage > of one of VeriSign's premium certificate offerings, such as > the VeriSign Secure Site, Secure Site Plus, and Global Site > solutions. In addition to providing SSL functionality, these > offerings include popular additional features, such as up to > $250,000 of NetSure warranty protection, the Secure Site Seal, > automated performance monitoring through Keynote, free Web site > security scanning through Netcraft, and free listing of your > site in the Network Solutions dot.com directory. Look for > complete information about this discount program soon on > this site. > > For those of you who enjoy Thawte Personal Freemail certificates, > please rest assured that you will still be able to obtain free > personal certificates. VeriSign has offered free personal > certificates for over 4 years, and we intend to continue that > program, as well as Thawte's popular Web of Trust program. > > Thawte's vetting and support services will remain in place, so > that you will still deal with the same people as before when > you work with us to purchase and get help with certificates. > > Furthermore, Thawte and VeriSign have thoroughly reviewed both > companies' certificate issuance and support processes. We have > identified many areas in which the two companies can learn from > each other. By adapting the best aspects of each other's > operations and technology, we will be able to deliver even > more cost-effective services on a global basis. > > Thawte and VeriSign have also spent the past few weeks exploring > new product strategy for the coming years. Through our > relationship, we will be able to offer you a much broader > set of complementary products and services to help you enhance > your e-commerce site. Working together, Thawte and VeriSign > plan to introduce a number of exciting services, including > PKI solutions for the Wireless Web and new low-cost payment > processing services. > > VeriSign and Thawte recognize that there are many places where > you can obtain a certificate that enables SSL. We hope that you > will continue to do business with us now that we have joined > forces, as we are convinced that we offer the best service, > the best technology, the highest levels of trust, and the best > prices across a broad range of solutions. > > You also have our commitment that we will continue to tell you > about our plans for the future of online trust as they develop. > If you have any questions or concerns, please feel free to > write to either one of us. > > Sincerely: > > Mark Shuttleworth, > President and CEO > Thawte Consulting (Pty) Ltd. > marks@thawte.com > 12 Plein Street > Durbanville 7550 > South Africa > > Stratton Sclavos > President and CEO > VeriSign, Inc. > stratton@verisign.com > 1350 Charleston Rd. > Mountain View, CA 94043 > U.S.A. From johndoe2@mail.anonymizer.com Thu, 03 Feb 2000 14:59:03 -0800 Date: Thu, 03 Feb 2000 14:59:03 -0800 From: John Doe Number Two johndoe2@mail.anonymizer.com Subject: Food for Thawte Only slightly off-topic... As you may know, Thawte has=A0a=A0new-ish Web of Trust programme whereby a Thawte notary can sign one's PGP key and allocate a number of 'trust points= ' to one's PGP ID. Once one reaches 50 points, Thawte will change the Freemail signature they give to anyone (upon verification of the key's emai= l address) to the username of the key itself. Example: I verify my email address with Thawte. They sign my key with "Thawte Freemail Member ". After I've proved my identity to the requisite number of Thawte Notaries (between 2 and 5), Thawte will sign my key "John Doe, II " as well as issue me X-509 certs in my name. Although some may applaud Thawte's use of PGP, there's a major problem wit= h its implementation: there is no trust on their own signing key. A TA of Thawte's signing key (key ID 0xDE46F54F) shows a totals of 44 signatures, only one of which has a key on the main PGP cert server. That key belongs to Bruce Watermeyer (key ID 0x5804F465). His key has only one useful signature: Bill Scannell (key ID 0xF9773357). Scannell's key has Zimmerman's, Callas' and Lucky Green's sigs, among others. Scannell is also listed as a Thawte Web of Trust notary. I zapped him off a message asking him what the deal was with a Web of Trust programme that hinged on his sig. He responded, > I told Watermeier I wanted to confirm the Thawte signing key. he told me= to call some girl named Lisle in the support department. I called South Afric= a at my own expense and was told that she needed a minute to pull the public key off of the internet and read it back to me. No, I said, who has the key= ? The computer, she replied. And who controls the computer, I asked. Mister Shuttleworth, but he's in America right now. Well I asked, what happens if shuttleworth has a freak shaving accident...who can use the key. Ohh, said she, that's a security policy, I can't tell you that. i called Watermeier and told him the story. He sent me to , saying the site was secure and I could then sign the key from that. Thawte's Web of Trust program is patently bogus. Any fool could generate 50 keys, use them to sign a 51st key and then call it 'Trusted'. As far as I'= m concerned, this is illustrative as to why third party CAs are worthless to begin with. You pay them so that their 'root' becomes more valid. -JDII ____________________________________________________________ "Insert the usual disclaimer here." Key ID: 0x8EF048F5 4093 Bit DH/DSS Fingerprint: CC8F 8D2C E1A3 6555 7438 B456 D00E A83C 8EF0 48F5 From brucew@thawte.com Fri, 04 Feb 2000 09:36:53 +0200 Date: Fri, 04 Feb 2000 09:36:53 +0200 From: Bruce brucew@thawte.com Subject: Food for Thawte This is a cryptographically signed message in MIME format. --------------ms6E11EB220D521FF97E4A685E Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit > Thawte's Web of Trust program is patently bogus. Any fool could generate 50 > keys, use them to sign a 51st key and then call it 'Trusted'. As far as I'm > concerned, this is illustrative as to why third party CAs are worthless to > begin with. You pay them so that their 'root' becomes more valid. The trust assigned by Thawte is not based on signatures on a key at all. It has absolutely nothing to do with the number of signatures on a key! It is based on face to face Identity Assertions made by notaries who have had their identities physically checked by Thawte. I meet you, I check your identity documents, I keep a copy of them, you and I both sign a sworn affidavit regarding your identity (which I keep for 5 years along with the copy of your ID). Then I can issue you with up to 35 points. You still need another 15 to have your identity trusted, and another 65 to be able to issue points yourself. And not all notaries can issue as many as 35 points. Regarding the validity of the Thawte signing key, I grant you that there could be a more effective method of validation, but to suggest that a secure site presenting the information cannot be trusted as a source is to suggest that Thawte itself cannot be trusted. And that is an entirely different story! And to comment on your last line, there are no fees to become part of the Web of Trust or to benefit from it. Have a nice day, -- Bruce Watermeyer Thawte Certification Thawte now offers technical support 24 hours a day, 5 days a week: http://www.thawte.com/support/irc.html "It's better to regret something you did, Than something you didn't do!" --------------ms6E11EB220D521FF97E4A685E Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIII0wYJKoZIhvcNAQcCoIIIxDCCCMACAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC BqQwggOIMIIC8aADAgECAgMCB54wDQYJKoZIhvcNAQEEBQAwgZQxCzAJBgNVBAYTAlpBMRUw EwYDVQQIEwxXZXN0ZXJuIENhcGUxFDASBgNVBAcTC0R1cmJhbnZpbGxlMQ8wDQYDVQQKEwZU aGF3dGUxHTAbBgNVBAsTFENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25h bCBGcmVlbWFpbCBSU0EgMTk5OS45LjE2MB4XDTAwMDIwMTEwMDIwNFoXDTAxMDEzMTEwMDIw NFowge0xCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNh cGUgVG93bjEkMCIGA1UEChMbVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkMR0wGwYDVQQM ExRNYXJrZXRpbmcgRGVwYXJ0bWVudDETMBEGA1UEBBMKV2F0ZXJtZXllcjEVMBMGA1UEKhMM QnJ1Y2UgQWRyaWFuMSAwHgYDVQQDExdCcnVjZSBBZHJpYW4gV2F0ZXJtZXllcjEgMB4GCSqG SIb3DQEJARYRYnJ1Y2V3QHRoYXd0ZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB AOIUoPiQQ7CklpwdcORK/h8000YVcTaP69+X+dOkbsOK3TADEfDrFcziYtB7g1o4kXEw1qgZ yuxCrQM59u8XJdr50PXIywQKOUl88rAiaLPG17qa6rQJZhm3wl3PxpRNIRdxnyeZHxquge6y OvvAx3ZT0jss1IlFBPespvmNC60LAgMBAAGjgYwwgYkwOgYFK2UBBAEEMTAvAgEAMCowCwIB AQQGYnJ1Y2V3MBsCAQQEFms5VnhCZEg0R0t0Uk1iVGZrR25IM1EwHAYDVR0RBBUwE4ERYnJ1 Y2V3QHRoYXd0ZS5jb20wDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBSIq/Fgg2ZV9ORYx0Yd wGG9I9fDjDANBgkqhkiG9w0BAQQFAAOBgQAjt88+kOF7CBXKjK7E51Ls1P5V75zlohXw0Uwi I2BmN4pyQ8H6rdP2aTWmZVdk4KFnPOMFu+DXyP53x9eDzOIFPszzRxrjc+4NI7LUUHCAcgxp ngRFK/WkDRgYjPvWg5J7cErvdpuFoeOevqa7pGj3HlSZJNiTX0ha/7AsP4A04TCCAxQwggJ9 oAMCAQICAQswDQYJKoZIhvcNAQEEBQAwgdExCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0 ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEaMBgGA1UEChMRVGhhd3RlIENvbnN1bHRp bmcxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2aXNpb24xJDAiBgNVBAMT G1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBDQTErMCkGCSqGSIb3DQEJARYccGVyc29uYWwt ZnJlZW1haWxAdGhhd3RlLmNvbTAeFw05OTA5MTYxNDAxNDBaFw0wMTA5MTUxNDAxNDBaMIGU MQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2VzdGVybiBDYXBlMRQwEgYDVQQHEwtEdXJiYW52 aWxsZTEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEo MCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNBIDE5OTkuOS4xNjCBnzANBgkqhkiG9w0B AQEFAAOBjQAwgYkCgYEAs2lal9TQFgt6tcVd6SGcI3LNEkxL937Px/vKciT0QlKsV5Xje2F6 F4Tn/XI5OJS06u1lp5IGXr3gZfYZu5R5dkw+uWhwdYQc9BF0ALwFLE8JAxcxzPRB1HLGpl3i iESwiy7ETfHw1oU+bPOVlHiRfkDpnNGNFVeOwnPlMN5G9U8CAwEAAaM3MDUwEgYDVR0TAQH/ BAgwBgEB/wIBADAfBgNVHSMEGDAWgBRyScJzNMZV9At2coF+d/SH58ayDjANBgkqhkiG9w0B AQQFAAOBgQBrxlnpMfrptuyxA9jfcnL+kWBI6sZV3XvwZ47GYXDnbcKlN9idtxcoVgWL3Vx1 b8aRkMZsZnET0BB8a5FvhuAhNi3B1+qyCa3PLW3Gg1Kb+7v+nIed/LfpdJLkXJeu/H6syg1v cnpnLGtz9Yb5nfUAbvQdB86dnoJjKe+TCX5V3jGCAfcwggHzAgEBMIGcMIGUMQswCQYDVQQG EwJaQTEVMBMGA1UECBMMV2VzdGVybiBDYXBlMRQwEgYDVQQHEwtEdXJiYW52aWxsZTEPMA0G A1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMf UGVyc29uYWwgRnJlZW1haWwgUlNBIDE5OTkuOS4xNgIDAgeeMAkGBSsOAwIaBQCggbEwGAYJ KoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMDAwMjA0MDczNjUzWjAj BgkqhkiG9w0BCQQxFgQUIJSgAtzs0Fb3JS45NTOci+JKlKkwUgYJKoZIhvcNAQkPMUUwQzAK BggqhkiG9w0DBzAOBggqhkiG9w0DAgICAIAwBwYFKw4DAgcwDQYIKoZIhvcNAwICAUAwDQYI KoZIhvcNAwICASgwDQYJKoZIhvcNAQEBBQAEgYCTctcYbEZmJIpSvuGcD2nrHzzU9TBRRIjO CifuA2nHfr1ILEc2lU8CU/yKkyPEAtvMD7SnHHhF1wSY7ojEue3+GduIupHe3j4PHTZtw1kT 0WZAJ13PrxMDOsOZb8QAE1140blGUjrN+EEU1OuOJ9YIv+fKDzuHl47OdAvAtt/nUw== --------------ms6E11EB220D521FF97E4A685E-- From brian.gladman@btinternet.com Fri, 4 Feb 2000 10:38:47 -0000 Date: Fri, 4 Feb 2000 10:38:47 -0000 From: Brian Gladman brian.gladman@btinternet.com Subject: Food for Thawte >From: "John Doe Number Two" >To: >Cc: ; >Sent: Thursday, February 03, 2000 10:59 PM >Subject: Food for Thawte > >Only slightly off-topic... > [snip] >Thawte's Web of Trust program is patently bogus. Any fool could generate 50 >keys, use them to sign a 51st key and then call it 'Trusted'. As far as I'm >concerned, this is illustrative as to why third party CAs are worthless to >begin with. You pay them so that their 'root' becomes more valid. I certainly agree that there are some big issues concerning the true extent of the trust that can be placed in such services but I also think that there is a big question mark about their value for other reasons. In those situations where I have needed to relate a physical world identity with a cyberspace one my experience has been that the physical world relationship that I have with the individual or orgnaisation concerned has always provided me with enough information to do this. On the few occasions where I have relied on a mutually known third party to verify such a relationship it would have been possible to sustitute Thwarte for such purposes but I would consider the inspection of a few documents to be a relatively poor substitute for the personal trust relationships that I would much rather use. Most of the time my interest is much more about 'trust' than it is about 'identity' and this makes me rather doubtful about the value of identity linked certificates in principle. I am sure that the head of the Russian mafia has the documents that he or she needs to prove their identity to Thwarte but this says nothing about the extent to which I should trust them. Where I have found a need to know the something about a cyberspace entity that I am dealing with is when I visit an e-commerce site from which I want to make a purchase. Here I do want to know that when I visit a site that purports to be 'Company X's' site really is their site and not some crooked outfit masquerading as them. For a number of reasons I may have come to trust the 'real world' company even though I have no real world relationship with them and I do want to know that this trust will carry over into cyberspace. And, in contrast with my relationships with people, I will often have no easy way of confirming the relationship between the real world company and its cyberspace 'alter ego'. Probably becuase of government disapproval, companies have been much less willing to commit to PGP than individuals. Moreover, in the past, many governments have not wanted 'people popular' mechanisms for handling such issues since they do want citizen identity information for a combination of honest (but misguided) and malign purposes and want to ride on the back of e-commerce to obtain such information. When this is looked at in more detail what I really want from any countersignature on an e-commerce site certificate is not identity information but rather a guarantee from the counter-signatory that if anything goes wrong in my transactions with the site they will underwrite any losses or damage that I may incur. I want their couter-signature signature not to underwrite identity as such (although this is of some value here) but rather to carry insurance covering my risks. When Thwarte/Verisign and/or the banks provide e-commerce site certificates that carry good insurance against ***all*** my risks as a cyberspace consumer, that is, not only the financial ones but the privacy, security and safety ones as well, and without all the small print 'get outs' that are currently involved, then I will take these services more seriously. Carl Ellison, Nicholas Bohm and I have a paper covering aspects of this issue at: http://jya.com/bg/digsig.pdf and Carl and Bruce Schneier have written recently about the PKI issues in particular. Brian Gladman From brucew@thawte.com Fri, 04 Feb 2000 14:36:10 +0200 Date: Fri, 04 Feb 2000 14:36:10 +0200 From: Bruce brucew@thawte.com Subject: [PGP]: FWD: Food for Thawte This is a cryptographically signed message in MIME format. --------------msBA174675CB24836C50B6788B Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Hi All, > My favorite line below is "that's a security policy, I can't tell you > that." That's OUTRAGEOUS: a security policy on such matters as affect > the root of an entire web of trust MUST be public. Extremely public. Would it be considered prudent to make known the list of people who have control over the keys? Yes, from a trust point of view perhaps it would be, but from a security point of view most certainly not. No one is going to hold a gun to your head and demand use of your keys, because, in the big picture there would be very little to gain from this. Doing the same to someone who has control of Thawte's keys however, would have some serious repercussions. -- Bruce Watermeyer Thawte Certification Thawte now offers technical support 24 hours a day, 5 days a week: http://www.thawte.com/support/irc.html "It's better to regret something you did, Than something you didn't do!" --------------msBA174675CB24836C50B6788B Content-Type: application/x-pkcs7-signature; name="smime.p7s" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7s" Content-Description: S/MIME Cryptographic Signature MIII0wYJKoZIhvcNAQcCoIIIxDCCCMACAQExCzAJBgUrDgMCGgUAMAsGCSqGSIb3DQEHAaCC BqQwggOIMIIC8aADAgECAgMCB54wDQYJKoZIhvcNAQEEBQAwgZQxCzAJBgNVBAYTAlpBMRUw EwYDVQQIEwxXZXN0ZXJuIENhcGUxFDASBgNVBAcTC0R1cmJhbnZpbGxlMQ8wDQYDVQQKEwZU aGF3dGUxHTAbBgNVBAsTFENlcnRpZmljYXRlIFNlcnZpY2VzMSgwJgYDVQQDEx9QZXJzb25h bCBGcmVlbWFpbCBSU0EgMTk5OS45LjE2MB4XDTAwMDIwMTEwMDIwNFoXDTAxMDEzMTEwMDIw NFowge0xCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0ZXJuIENhcGUxEjAQBgNVBAcTCUNh cGUgVG93bjEkMCIGA1UEChMbVGhhd3RlIENvbnN1bHRpbmcgKFB0eSkgTHRkMR0wGwYDVQQM ExRNYXJrZXRpbmcgRGVwYXJ0bWVudDETMBEGA1UEBBMKV2F0ZXJtZXllcjEVMBMGA1UEKhMM QnJ1Y2UgQWRyaWFuMSAwHgYDVQQDExdCcnVjZSBBZHJpYW4gV2F0ZXJtZXllcjEgMB4GCSqG SIb3DQEJARYRYnJ1Y2V3QHRoYXd0ZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB AOIUoPiQQ7CklpwdcORK/h8000YVcTaP69+X+dOkbsOK3TADEfDrFcziYtB7g1o4kXEw1qgZ yuxCrQM59u8XJdr50PXIywQKOUl88rAiaLPG17qa6rQJZhm3wl3PxpRNIRdxnyeZHxquge6y OvvAx3ZT0jss1IlFBPespvmNC60LAgMBAAGjgYwwgYkwOgYFK2UBBAEEMTAvAgEAMCowCwIB AQQGYnJ1Y2V3MBsCAQQEFms5VnhCZEg0R0t0Uk1iVGZrR25IM1EwHAYDVR0RBBUwE4ERYnJ1 Y2V3QHRoYXd0ZS5jb20wDAYDVR0TAQH/BAIwADAfBgNVHSMEGDAWgBSIq/Fgg2ZV9ORYx0Yd wGG9I9fDjDANBgkqhkiG9w0BAQQFAAOBgQAjt88+kOF7CBXKjK7E51Ls1P5V75zlohXw0Uwi I2BmN4pyQ8H6rdP2aTWmZVdk4KFnPOMFu+DXyP53x9eDzOIFPszzRxrjc+4NI7LUUHCAcgxp ngRFK/WkDRgYjPvWg5J7cErvdpuFoeOevqa7pGj3HlSZJNiTX0ha/7AsP4A04TCCAxQwggJ9 oAMCAQICAQswDQYJKoZIhvcNAQEEBQAwgdExCzAJBgNVBAYTAlpBMRUwEwYDVQQIEwxXZXN0 ZXJuIENhcGUxEjAQBgNVBAcTCUNhcGUgVG93bjEaMBgGA1UEChMRVGhhd3RlIENvbnN1bHRp bmcxKDAmBgNVBAsTH0NlcnRpZmljYXRpb24gU2VydmljZXMgRGl2aXNpb24xJDAiBgNVBAMT G1RoYXd0ZSBQZXJzb25hbCBGcmVlbWFpbCBDQTErMCkGCSqGSIb3DQEJARYccGVyc29uYWwt ZnJlZW1haWxAdGhhd3RlLmNvbTAeFw05OTA5MTYxNDAxNDBaFw0wMTA5MTUxNDAxNDBaMIGU MQswCQYDVQQGEwJaQTEVMBMGA1UECBMMV2VzdGVybiBDYXBlMRQwEgYDVQQHEwtEdXJiYW52 aWxsZTEPMA0GA1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEo MCYGA1UEAxMfUGVyc29uYWwgRnJlZW1haWwgUlNBIDE5OTkuOS4xNjCBnzANBgkqhkiG9w0B AQEFAAOBjQAwgYkCgYEAs2lal9TQFgt6tcVd6SGcI3LNEkxL937Px/vKciT0QlKsV5Xje2F6 F4Tn/XI5OJS06u1lp5IGXr3gZfYZu5R5dkw+uWhwdYQc9BF0ALwFLE8JAxcxzPRB1HLGpl3i iESwiy7ETfHw1oU+bPOVlHiRfkDpnNGNFVeOwnPlMN5G9U8CAwEAAaM3MDUwEgYDVR0TAQH/ BAgwBgEB/wIBADAfBgNVHSMEGDAWgBRyScJzNMZV9At2coF+d/SH58ayDjANBgkqhkiG9w0B AQQFAAOBgQBrxlnpMfrptuyxA9jfcnL+kWBI6sZV3XvwZ47GYXDnbcKlN9idtxcoVgWL3Vx1 b8aRkMZsZnET0BB8a5FvhuAhNi3B1+qyCa3PLW3Gg1Kb+7v+nIed/LfpdJLkXJeu/H6syg1v cnpnLGtz9Yb5nfUAbvQdB86dnoJjKe+TCX5V3jGCAfcwggHzAgEBMIGcMIGUMQswCQYDVQQG EwJaQTEVMBMGA1UECBMMV2VzdGVybiBDYXBlMRQwEgYDVQQHEwtEdXJiYW52aWxsZTEPMA0G A1UEChMGVGhhd3RlMR0wGwYDVQQLExRDZXJ0aWZpY2F0ZSBTZXJ2aWNlczEoMCYGA1UEAxMf UGVyc29uYWwgRnJlZW1haWwgUlNBIDE5OTkuOS4xNgIDAgeeMAkGBSsOAwIaBQCggbEwGAYJ KoZIhvcNAQkDMQsGCSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMDAwMjA0MTIzNjEwWjAj BgkqhkiG9w0BCQQxFgQUiLVjQ834PL5MFqs+gH7x0Eh92YYwUgYJKoZIhvcNAQkPMUUwQzAK BggqhkiG9w0DBzAOBggqhkiG9w0DAgICAIAwBwYFKw4DAgcwDQYIKoZIhvcNAwICAUAwDQYI KoZIhvcNAwICASgwDQYJKoZIhvcNAQEBBQAEgYAl01BYr/M+GvK0BoOiC3HvZwYzmKDPL9n+ 1RK9tYv9bFZX72RckEB7o4WO/my/3qG/5go9YfNp53bmcJ+AK3vWM20lM+RinazkuYiwrX5q YzLhvBhfKA8g8MZH1a2IfKzIa/S9D4CO8c3E5VGQ4/Z5739QJAZWs7Uno4ZrC8pKSA== --------------msBA174675CB24836C50B6788B-- From ben@algroup.co.uk Fri, 04 Feb 2000 13:10:27 +0000 Date: Fri, 04 Feb 2000 13:10:27 +0000 From: Ben Laurie ben@algroup.co.uk Subject: [PGP]: FWD: Food for Thawte Bruce wrote: > > Hi All, > > > My favorite line below is "that's a security policy, I can't tell you > > that." That's OUTRAGEOUS: a security policy on such matters as affect > > the root of an entire web of trust MUST be public. Extremely public. > > Would it be considered prudent to make known the list of people who have control > over the keys? Yes, from a trust point of view perhaps it would be, but from a > security point of view most certainly not. No one is going to hold a gun to your > head and demand use of your keys, because, in the big picture there would be very > little to gain from this. Doing the same to someone who has control of Thawte's > keys however, would have some serious repercussions. Do you really think that you can keep that secret? From a man with a gun? Cheers, Ben. -- SECURE HOSTING AT THE BUNKER! http://www.thebunker.net/hosting.htm http://www.apache-ssl.org/ben.html Y19100 no-prize winner! http://www.ntk.net/index.cgi?back=2000/now0121.txt From bdm@fenrir.demon.co.uk Fri, 04 Feb 2000 13:27:33 Date: Fri, 04 Feb 2000 13:27:33 From: Brian Morrison bdm@fenrir.demon.co.uk Subject: [PGP]: FWD: Food for Thawte On Fri, 04 Feb 2000 13:10:27 +0000, Ben Laurie wrote: >> security point of view most certainly not. No one is going to hold a gun to your >> head and demand use of your keys, because, in the big picture there would be very >> little to gain from this. Doing the same to someone who has control of Thawte's >> keys however, would have some serious repercussions. > >Do you really think that you can keep that secret? From a man with a >gun? I think that what is necessary is for the man with a gun to know that holding the gun to the head of someone with control of Thawte's keys will achieve nothing. You need a mechanism where suborning an individual or group of individuals does not allow access to those keys. Whether that is a realistic prospect I'm not sure. -- Brian Morrison bdm@fenrir.demon.co.uk do you know how far this has gone? just how damaged have I become? 'Even Deeper' by Nine Inch Nails From jya@pipeline.com Fri, 04 Feb 2000 09:03:56 -0500 Date: Fri, 04 Feb 2000 09:03:56 -0500 From: John Young jya@pipeline.com Subject: [PGP]: FWD: Food for Thawte Brian Morrison wrote: >I think that what is necessary is for the man with a gun to know that >holding the gun to the head of someone with control of Thawte's keys >will achieve nothing. You need a mechanism where suborning an >individual or group of individuals does not allow access to those keys. > >Whether that is a realistic prospect I'm not sure. But isn't the primary reason for Trusted Third Parties and CAs to assure that an authorized gun will be able to get what is wanted? Otherwise the PRC model must be instituted to forbid inaccessible encryption, or rather, maintained. As with other "trusted" institutions. It is the trust that's up for grabs, in particular if it is institutionalized and faced with an impeccable facade, a visage that by god is as believably sound as the unshakeable pound. As the proponents of trust ever aver, my god, man, how much do you want, be reasonable, now, don't ask for the impossible. Tis upon hearing those words of "reasonable" assurance that you must be careful to watch your wallet and the assurer's twitches. From johndoe2@mail.anonymizer.com Fri, 04 Feb 2000 07:54:24 -0800 Date: Fri, 04 Feb 2000 07:54:24 -0800 From: John Doe Number Two johndoe2@mail.anonymizer.com Subject: Food for Thawte Dear Bruce, Thank you for your replies. You wrote: > Would it be considered prudent to make known the list of people who have > control over the keys? Yes, from a trust point of view perhaps it would be, >but from a security point of view most certainly not. No one is going to hold a >gun to your head and demand use of your keys, because, in the big picture >there would be very little to gain from this. Doing the same to someone who has >control of Thawte's keys however, would have some serious repercussions. The people in charge of those uniformed chaps in silos had similar concerns, but rather than leave things to chance, they set things up so that it would take three (3) people turning their keys at the appropriate time to turn Vladivostok into a nuclear wasteland. In the world of digital security, this is called 'splitting a key'. Your fears of ThawteCrime would be lowered if you didn't have to base your entire threat model on concerns about Shuttleworth being waylaid by Zulus. Assuming for the moment I'm exaggerating, would it not be a Good Thing to tell us who controls the keys and how (in a general sense) control is exercised? Explaining how the root is tethered would be a wonderful start. Or is it not tethered at all? In a second message you wrote: > The trust assigned by Thawte is not based on signatures on a key at all. It > has absolutely nothing to do with the number of signatures on a key! Are you aware how absurd these twenty-nine words look strung together? I suggest you reread Phil Zimmerman's Web of Trust documentation. Signatures are everything in PGP. If a sig only runs one way then it is at best a cult and at worst untrusted by the recipients of the signature. There must be a way for people to verify Thawte's key and no, a secure site does not cut it. Later in the message you add: > Regarding the validity of the Thawte signing key, I grant you that there could be a more effective method of validation, but to suggest that a secure site > presenting the information cannot be trusted as a source is to suggest that >Thawte itself cannot be trusted. And that is an entirely different story! By implementing a Web of Trust programme based on a hierarchical (and possibly untethered) CA you are trying to square a circle. PGP simply does not work the way you'd like it to work. As things currently stand, your signing key has no value simply because it is validated only unto itself and merely indirectly signed by someone (Scannell) with a clue. In order to make your scheme work, you must do the following: 1. Explain how and by whom your signing key is controlled. 2. Allow PGP users (your notaries?) to sign Thawte's key by confirming the signer properties with a human being with access to the private key. -JDII PS: You might consider adding your surname to your email 'from' line. In the world of crypto, there is only one Bruce and you are not him. ____________________________________________________________ "Insert the usual disclaimer here." Key ID: 0x8EF048F5 4093 Bit DH/DSS Fingerprint: CC8F 8D2C E1A3 6555 7438 B456 D00E A83C 8EF0 48F5 From davidh@spidacom.co.uk Fri, 4 Feb 2000 16:20:44 -0000 Date: Fri, 4 Feb 2000 16:20:44 -0000 From: David Hansen davidh@spidacom.co.uk Subject: Food for Thawte On 4 Feb 00, at 7:54, John Doe Number Two wrote: > The people in charge of those uniformed chaps in silos had similar > concerns, but rather than leave things to chance, they set things up so > that it would take three (3) people turning their keys at the > appropriate time to turn Vladivostok into a nuclear wasteland. They always said it was two. David Hansen | davidh@spidacom.co.uk | PGP email preferred Edinburgh | CI$ number 100024,3247 | key number F566DA0E From rabbi@quickie.net Fri, 4 Feb 2000 11:29:33 -0500 (EST) Date: Fri, 4 Feb 2000 11:29:33 -0500 (EST) From: L. Sassaman rabbi@quickie.net Subject: [PGP]: Re: Food for Thawte -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 4 Feb 2000, John Doe Number Two wrote: > PS: You might consider adding your surname to your email 'from' line. In > the world of crypto, there is only one Bruce and you are not him. That was uncalled for. __ L. Sassaman System Administrator | "All of the chaos Technology Consultant | Makes perfect sense..." icq.. 10735603 | pgp.. finger://ns.quickie.net/rabbi | --Joe Diffie -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.1 (GNU/Linux) Comment: OpenPGP Encrypted Email Preferred. iD8DBQE4mv59PYrxsgmsCmoRAlF2AKCNwUd+QhYTjrP8eO/E1I4cXbN95gCfbzsl hJWOxeoocOlym9rv9tsBlYU= =fgec -----END PGP SIGNATURE----- From rabbi@quickie.net Fri, 4 Feb 2000 11:29:33 -0500 (EST) Date: Fri, 4 Feb 2000 11:29:33 -0500 (EST) From: L. Sassaman rabbi@quickie.net Subject: [PGP]: Re: Food for Thawte -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 4 Feb 2000, John Doe Number Two wrote: > PS: You might consider adding your surname to your email 'from' line. In > the world of crypto, there is only one Bruce and you are not him. That was uncalled for. __ L. Sassaman System Administrator | "All of the chaos Technology Consultant | Makes perfect sense..." icq.. 10735603 | pgp.. finger://ns.quickie.net/rabbi | --Joe Diffie -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.1 (GNU/Linux) Comment: OpenPGP Encrypted Email Preferred. iD8DBQE4mv59PYrxsgmsCmoRAlF2AKCNwUd+QhYTjrP8eO/E1I4cXbN95gCfbzsl hJWOxeoocOlym9rv9tsBlYU= =fgec -----END PGP SIGNATURE----- From donald@ramsbottom.co.uk Fri, 04 Feb 2000 17:38:34 +0000 Date: Fri, 04 Feb 2000 17:38:34 +0000 From: Donald Ramsbottom donald@ramsbottom.co.uk Subject: DVD -deCSS Court case Just a spurious thought. As has been pointed out by others the object of the case must have been to intimidate those who would disseminate the code over the net AND to prevent that dissemination. Now the code itself is an exhibit to a court document lodged by the Plaintiffs. That court document is now a public record and is freely downloadable anywhere in the world. The terms of the interim injunctive relief were to stop the defendants by themselves or their agents from further postings as well as anyone else (you see where this is going), so logically there are two possible breaches of that injunction. Firstly the court itself ;), but more importantly the plaintiffs by lodging the code and the court disseminating it have breached the terms of that injunction and should be held in contempt themselves! Not sustainable I know but curious nonetheless. BTW does any body have any further info on the unfortunate 16 year old now charged with criminal offences in respect of that very matter which has now been put into the public domain by the Plaintiffs themselves and their agents the Court sytem of NYS? Donald Ramsbottom LL.B, BA (Hons). RAMSBOTTOM & Co. Solicitors Internet Law & Global Cryptology Law Specialists From brian.gladman@btinternet.com Fri, 4 Feb 2000 17:03:24 -0000 Date: Fri, 4 Feb 2000 17:03:24 -0000 From: Brian Gladman brian.gladman@btinternet.com Subject: Food for Thawte From: "Bruce" To: Sent: Friday, February 04, 2000 7:36 AM Subject: Re: Food for Thawte [snip} > Regarding the validity of the Thawte signing key, I grant you that there could be > a more effective method of validation, but to suggest that a secure site > presenting the information cannot be trusted as a source is to suggest that Thawte > itself cannot be trusted. And that is an entirely different story! I really don't understand your logic here - are you seriously suggesting that if I don't trust a computer system operated by a company then it always follows that I should not trust the company? Computer systems are quite often seriously flawed in security terms and this means that there are cogent reasons for not trusting a computer system even if the company running it is considered trustworthy. Moreover, the prospects that Internet connected computer systems are truly secure against the sort of attacks that sophisticated and well resourced organisations and agencies can mount against them is in my view very low indeed. And this will not change until we can have a high degree of confidence in the security properties of operating systems, which I believe is a long way off. Brian Gladman From james@cloud9.co.uk Fri, 4 Feb 2000 17:06:30 +0000 Date: Fri, 4 Feb 2000 17:06:30 +0000 From: James Fidell james@cloud9.co.uk Subject: DVD -deCSS Court case Quoting Donald Ramsbottom (donald@ramsbottom.co.uk): > BTW does any body have any further info on the unfortunate 16 year old now > charged with criminal offences in respect of that very matter which has now > been put into the public domain by the Plaintiffs themselves and their > agents the Court sytem of NYS? Last I heard, the plaintiffs had applied to the judge to keep the deCSS code secret (and were granted that right by the judge). James. -- "Yield to temptation -- | Consultancy: james@cloud9.co.uk it may not pass your way again" | http://www.cloud9.co.uk/james | - Lazarus Long | James Fidell From bdm@fenrir.demon.co.uk Fri, 04 Feb 2000 17:42:19 Date: Fri, 04 Feb 2000 17:42:19 From: Brian Morrison bdm@fenrir.demon.co.uk Subject: Food for Thawte On Fri, 4 Feb 2000 17:03:24 -0000, Brian Gladman wrote: >And this will not change until we can have a high degree of confidence in >the security properties of operating systems, which I believe is a long way >off. And of course one has to ask why OS security is so poor thus far. Some people sticking their oars in methinks. -- Brian Morrison bdm@fenrir.demon.co.uk do you know how far this has gone? just how damaged have I become? 'Even Deeper' by Nine Inch Nails From donald@ramsbottom.co.uk Fri, 04 Feb 2000 18:51:11 +0000 Date: Fri, 04 Feb 2000 18:51:11 +0000 From: Donald Ramsbottom donald@ramsbottom.co.uk Subject: DVD -deCSS Court case SNIP >Last I heard, the plaintiffs had applied to the judge to keep the deCSS >code secret (and were granted that right by the judge). > >James. >-- Ok I was wrong I obviously did not get the statement of the plaintiff from the site below which only has the Injunction and now a form of preliminary Judgement. My mistake. sorry. Mind you that does not appear to cover paper pleadings. (the injunction that is). The judgement does conclude with these words : "For the foregoing reasons, the Court granted plaintiffs' motion for a preliminary injunction and entered such an order on January 20, 2000. The foregoing, ****together with those made on the record on that date****, constitute the Court's findings of fact and conclusions of law. SO ORDERED. Dated: February 2, 2000" *** is my emphasis*** http://www.nysd.uscourts.gov/courtweb/ Anyhow, the thoughts were mere musings and I shall leave them at that. Donald Ramsbottom LL.B, BA (Hons). RAMSBOTTOM & Co. Solicitors Internet Law & Global Cryptology Law Specialists From rabbi@quickie.net Fri, 4 Feb 2000 13:58:34 -0500 (EST) Date: Fri, 4 Feb 2000 13:58:34 -0500 (EST) From: L. Sassaman rabbi@quickie.net Subject: [PGP]: Re: Food for Thawte -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 4 Feb 2000, John Doe Number Two wrote: > Dear Bruce, > > Thank you for your replies. You wrote: > Would it be considered > prudent to make known the list of people who have > control over the > keys? Yes, from a trust point of view perhaps it would be, >but from a > security point of view most certainly not. No one is going to hold a > >gun to your head and demand use of your keys, because, in the big > picture >there would be very little to gain from this. Doing the same > to someone who has >control of Thawte's keys however, would have some > serious repercussions. > > The people in charge of those uniformed chaps in silos had similar concerns, > but rather than leave things to chance, they set things up so that it would > take three (3) people turning their keys at the appropriate time to turn > Vladivostok into a nuclear wasteland. This is a good suggestion, and should be used for corporate or high level security signing keys... but the FreeMail system IMHO doesn't warrant this level of [inconvenience] security... and would make automation for this [free] service impossible [making it impractical as a free service]. Higher level Freemail keys (see end of this email) should be split, provided they adapt that model. > In the world of digital security, this is called 'splitting a key'. Your > fears of ThawteCrime would be lowered if you didn't have to base your entire > threat model on concerns about Shuttleworth being waylaid by Zulus. > Assuming for the moment I'm exaggerating, would it not be a Good Thing to > tell us who controls the keys and how (in a general sense) control is > exercised? Explaining how the root is tethered would be a wonderful start. > Or is it not tethered at all? That would be important to know. > In a second message you wrote: > > > The trust assigned by Thawte is not based on signatures on a key at all. It > > has absolutely nothing to do with the number of signatures on a key! > > Are you aware how absurd these twenty-nine words look strung together? I > suggest you reread Phil Zimmerman's Web of Trust documentation. Signatures > are everything in PGP. If a sig only runs one way then it is at best a cult > and at worst untrusted by the recipients of the signature. There must be a > way for people to verify Thawte's key and no, a secure site does not cut > it. I think Bruce's point here is that the Thawte Web of Trust has little to do with PGP. It is a proprietary model that merely shares the same name (hence the confusion) as Phil's model. Remember, Thawte's business is x509 certificate verification. PGP signatures are secondary (obviously, because they haven't figured out how to properly sign keys yet. More on that in a moment.) > Later in the message you add: > > > Regarding the validity of the Thawte signing key, I grant you that > there could be a more effective method of validation, but to suggest > that a secure site > presenting the information cannot be trusted as a > source is to suggest that >Thawte itself cannot be trusted. And that > is an entirely different story! > > By implementing a Web of Trust programme based on a hierarchical (and > possibly untethered) CA you are trying to square a circle. PGP simply does > not work the way you'd like it to work. As things currently stand, your > signing key has no value simply because it is validated only unto itself and > merely indirectly signed by someone (Scannell) with a clue. In order to make > your scheme work, you must do the following: It *is* untethered, but Thawte views itself as a top-level, infallible entity, so they seem to view this as a non-issue. > 1. Explain how and by whom your signing key is controlled. Full disclosure is good. I could make a reasonably educated guess based on the job descriptions on the website as to who has the passphrases and keys at Thawte, so the "security through [obscurity] nondisclosure" is a weak attempt at best. > 2. Allow PGP users (your notaries?) to sign Thawte's key by confirming the > signer properties with a human being with access to the private key. There is no reason this should not and could not be done. Also, Thawte should actually sign the user's existing keyids, rather than creating new keyids. This obfuscates the keyring data and is simply annoying, for there is no reason to do signing the way that they do. When I became a trusted notary, I was given a new keyid with my full name attached to it (which, first of all, I perfer not to advertise in favor of my first initial and last name, for personal, non-security reasons), and my email address: uid Leonard Harris Sassaman sig 3CE4352F 1999-08-10 Thawte Personal Freemail RSA Issuer 1998.9.16 Rather than signing my primary uid, on which I collect all of my signatures: pub 1024D/09AC0A6A 1998-07-14 L. Sassaman sig 09AC0A6A 1998-07-14 L. Sassaman This is just silly. They are signing the same key, with the same email address bound to it. And simply signing the key would be far less complicated development wise for them than generationg a new uid for my key. In addition, my new UID and signature that was assigned to me before I was trusted is this: uid Thawte Freemail Member sig 3CE4352F 1999-07-09 Thawte Personal Freemail RSA Issuer 1998.9.16 Notice that the signing key is the same. What Thawte apparently has failed to realise is that the trust system of PGP is configured by the user with regard to which signing keys to trust. I *cannot* trust Thawte's PGP signatures on Thaete notaries, even though I may like to, because the same key is used to sign the generic "Freemail" users (for which no verification is done initially. If Thawte wanted to do this right, they would generate signing keys for each levels of points they use in their WoT system, and sign based on that. Suppose they use their existing Freemail key to sign the 0 trust Freemail members. When a member obtains 50 points (the level at which Thawte will grant the ability to have one's name listed in certificates) Thawte will sign with a different key "Thawte Personal 50 Point Freemail RSA Issuer". And when a member reaches 100 points, and becomes a notary, Thawte will sign with a third key "Thawte Personal Freemail Notary RSA Issuer". That way, I can chose to trust only notaries, or only the 50-pointers, by trusting the respective key as in introducer. As it is right now, the signatures are functionally useless, even if we ignore the "untethered key" issue altogether. __ L. Sassaman System Administrator | "All of the chaos Technology Consultant | Makes perfect sense..." icq.. 10735603 | pgp.. finger://ns.quickie.net/rabbi | --Joe Diffie -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.1 (GNU/Linux) Comment: OpenPGP Encrypted Email Preferred. iD8DBQE4myFiPYrxsgmsCmoRAqkJAKDUWOND4lBBH1mpZ8BT2uxjPq6kmgCfT9nM JlwIkBDBPUuPlu4ya1hY+VQ= =+vpM -----END PGP SIGNATURE----- From jya@pipeline.com Fri, 04 Feb 2000 14:49:26 -0500 Date: Fri, 04 Feb 2000 14:49:26 -0500 From: John Young jya@pipeline.com Subject: DVD -deCSS Court case There are two DeCSS court cases, one in California, at the state court level, and one in New York, at the federal district court level. The plaintiff in California is the DVD CCA organization set up recently to promote DVD and enforce its licensing provisions. It is linked to, but not the same as, the New York plaintiff, MPAA, the Motion Picture Association of America, or, rather eight members of MPAA. Both plaintiffs have Web sites: http://www.dvdcca.org http://www.mpaa.org The premier collection of documents on the two cases is on the EFF site: http://www.eff.org For shorthand, the California case is referred to as "DVD CCA," the New York, "MPAA." Both involve DeCSS, a program which allegedly decrypts CSS -- the Content Scrambling System which does something to DVD disks, exactly what it does is disputed. The California suit claims trade secret violations by DeCSS; the New York suit claims violation by DeCSS of the DVD copyright protection system -- the Content Scrambling System (CSS) -- under the Digital Millennium Copyright Act (DMCA), a recently enacted law which extended copyright protection. It was in the California court that CSS, a trade secret, was mistakenly filed as an exhibit to a plaintiff declaration as an open public record and was then subsequently sealed after the error was revealed by publishing the open document on the Web. The order to seal is applicable only to members of the bar and court officials who are forbidden to copy CSS. The order does not apply to any citizen who may freely copy the court record and CSS, nor does the order apply to the online version (which we can report as the host has been downloaded now 70,000 times). Beyond this nutshell I'd better not go, for the technical and legal issues involve interpretations beyond my abilities -- but not beyond my stupid convictions: we continue to offer DeCSS on our site, and remain one of 521 defendants in the California case. Not yet sued in New York, our majestic squat. From lists@notatla.demon.co.uk Fri, 4 Feb 2000 22:01:57 GMT Date: Fri, 4 Feb 2000 22:01:57 GMT From: lists@notatla.demon.co.uk lists@notatla.demon.co.uk Subject: Food for Thawte From: "Brian Morrison" > And of course one has to ask why OS security is so poor thus far. Some > people sticking their oars in methinks. This is getting seriously off-topic, but I'll say that there's no need to speculate about interference when there are adequate explanations in the areas of laziness and ignorance. And there's no reason I know to think Thawte have contributed to poor OS security. From rabbi@quickie.net Fri, 4 Feb 2000 13:58:34 -0500 (EST) Date: Fri, 4 Feb 2000 13:58:34 -0500 (EST) From: L. Sassaman rabbi@quickie.net Subject: [PGP]: Re: Food for Thawte -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 4 Feb 2000, John Doe Number Two wrote: > Dear Bruce, > > Thank you for your replies. You wrote: > Would it be considered > prudent to make known the list of people who have > control over the > keys? Yes, from a trust point of view perhaps it would be, >but from a > security point of view most certainly not. No one is going to hold a > >gun to your head and demand use of your keys, because, in the big > picture >there would be very little to gain from this. Doing the same > to someone who has >control of Thawte's keys however, would have some > serious repercussions. > > The people in charge of those uniformed chaps in silos had similar concerns, > but rather than leave things to chance, they set things up so that it would > take three (3) people turning their keys at the appropriate time to turn > Vladivostok into a nuclear wasteland. This is a good suggestion, and should be used for corporate or high level security signing keys... but the FreeMail system IMHO doesn't warrant this level of [inconvenience] security... and would make automation for this [free] service impossible [making it impractical as a free service]. Higher level Freemail keys (see end of this email) should be split, provided they adapt that model. > In the world of digital security, this is called 'splitting a key'. Your > fears of ThawteCrime would be lowered if you didn't have to base your entire > threat model on concerns about Shuttleworth being waylaid by Zulus. > Assuming for the moment I'm exaggerating, would it not be a Good Thing to > tell us who controls the keys and how (in a general sense) control is > exercised? Explaining how the root is tethered would be a wonderful start. > Or is it not tethered at all? That would be important to know. > In a second message you wrote: > > > The trust assigned by Thawte is not based on signatures on a key at all. It > > has absolutely nothing to do with the number of signatures on a key! > > Are you aware how absurd these twenty-nine words look strung together? I > suggest you reread Phil Zimmerman's Web of Trust documentation. Signatures > are everything in PGP. If a sig only runs one way then it is at best a cult > and at worst untrusted by the recipients of the signature. There must be a > way for people to verify Thawte's key and no, a secure site does not cut > it. I think Bruce's point here is that the Thawte Web of Trust has little to do with PGP. It is a proprietary model that merely shares the same name (hence the confusion) as Phil's model. Remember, Thawte's business is x509 certificate verification. PGP signatures are secondary (obviously, because they haven't figured out how to properly sign keys yet. More on that in a moment.) > Later in the message you add: > > > Regarding the validity of the Thawte signing key, I grant you that > there could be a more effective method of validation, but to suggest > that a secure site > presenting the information cannot be trusted as a > source is to suggest that >Thawte itself cannot be trusted. And that > is an entirely different story! > > By implementing a Web of Trust programme based on a hierarchical (and > possibly untethered) CA you are trying to square a circle. PGP simply does > not work the way you'd like it to work. As things currently stand, your > signing key has no value simply because it is validated only unto itself and > merely indirectly signed by someone (Scannell) with a clue. In order to make > your scheme work, you must do the following: It *is* untethered, but Thawte views itself as a top-level, infallible entity, so they seem to view this as a non-issue. > 1. Explain how and by whom your signing key is controlled. Full disclosure is good. I could make a reasonably educated guess based on the job descriptions on the website as to who has the passphrases and keys at Thawte, so the "security through [obscurity] nondisclosure" is a weak attempt at best. > 2. Allow PGP users (your notaries?) to sign Thawte's key by confirming the > signer properties with a human being with access to the private key. There is no reason this should not and could not be done. Also, Thawte should actually sign the user's existing keyids, rather than creating new keyids. This obfuscates the keyring data and is simply annoying, for there is no reason to do signing the way that they do. When I became a trusted notary, I was given a new keyid with my full name attached to it (which, first of all, I perfer not to advertise in favor of my first initial and last name, for personal, non-security reasons), and my email address: uid Leonard Harris Sassaman sig 3CE4352F 1999-08-10 Thawte Personal Freemail RSA Issuer 1998.9.16 Rather than signing my primary uid, on which I collect all of my signatures: pub 1024D/09AC0A6A 1998-07-14 L. Sassaman sig 09AC0A6A 1998-07-14 L. Sassaman This is just silly. They are signing the same key, with the same email address bound to it. And simply signing the key would be far less complicated development wise for them than generationg a new uid for my key. In addition, my new UID and signature that was assigned to me before I was trusted is this: uid Thawte Freemail Member sig 3CE4352F 1999-07-09 Thawte Personal Freemail RSA Issuer 1998.9.16 Notice that the signing key is the same. What Thawte apparently has failed to realise is that the trust system of PGP is configured by the user with regard to which signing keys to trust. I *cannot* trust Thawte's PGP signatures on Thaete notaries, even though I may like to, because the same key is used to sign the generic "Freemail" users (for which no verification is done initially. If Thawte wanted to do this right, they would generate signing keys for each levels of points they use in their WoT system, and sign based on that. Suppose they use their existing Freemail key to sign the 0 trust Freemail members. When a member obtains 50 points (the level at which Thawte will grant the ability to have one's name listed in certificates) Thawte will sign with a different key "Thawte Personal 50 Point Freemail RSA Issuer". And when a member reaches 100 points, and becomes a notary, Thawte will sign with a third key "Thawte Personal Freemail Notary RSA Issuer". That way, I can chose to trust only notaries, or only the 50-pointers, by trusting the respective key as in introducer. As it is right now, the signatures are functionally useless, even if we ignore the "untethered key" issue altogether. __ L. Sassaman System Administrator | "All of the chaos Technology Consultant | Makes perfect sense..." icq.. 10735603 | pgp.. finger://ns.quickie.net/rabbi | --Joe Diffie -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.1 (GNU/Linux) Comment: OpenPGP Encrypted Email Preferred. iD8DBQE4myFiPYrxsgmsCmoRAqkJAKDUWOND4lBBH1mpZ8BT2uxjPq6kmgCfT9nM JlwIkBDBPUuPlu4ya1hY+VQ= =+vpM -----END PGP SIGNATURE----- From jya@pipeline.com Fri, 04 Feb 2000 18:18:41 -0500 Date: Fri, 04 Feb 2000 18:18:41 -0500 From: John Young jya@pipeline.com Subject: DVD -deCSS Court case I failed to mention a third, and equally important, DeCSS case. That involves a Norwegian, Jon Johansen, 16, and his father Per Johansen, who have had a complaint filed against them by a Norwegian corporation with ties to MPAA for being the first to put DeCSS on the Internet. They have been formally interrogated by Norwegian officials and an investigation is underway to determine if the complaint against them has merit. Jon's computer equipment and Nokia cellphone were seized for searching (yes, the phone held files). Jon is an adept hacker and participated in online discussions about DeCSS, and might or might not know who authored the program. Some news accounts and MPAA allege that Jon is the author but it is clear from mail list archives and his denieals that he is not. A squeeze of Jon and his father appears to be underway to reveal the author or to find leads on Jon's equipment. For an informative interview of Jon on his involvement in DeCSS and the official investigation see: http://linuxworld.com/linuxworld/lw-2000-01/lw-01-dvd-interview.html Thanks to B for noting my oversight of Jon's exemplary role. From rabbi@quickie.net Fri, 4 Feb 2000 19:55:59 -0500 (EST) Date: Fri, 4 Feb 2000 19:55:59 -0500 (EST) From: L. Sassaman rabbi@quickie.net Subject: [PGP]: Re: Food for Thawte [PGP integration] -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Fri, 4 Feb 2000, Frederick Wamsley wrote: > > >Also, Thawte should actually sign the user's existing keyids, rather than > >creating new keyids. This obfuscates the keyring data and is simply > >annoying, for there is no reason to do signing the way that they do. > > > I remember that they raised my eyebrows with that approach, but why > is it the wrong thing to do? It creates unnecessary cruft on the user's key-ring, mainly, and makes it hat much more confusing to determine the signers a key has. > Thawte's obeying the principle of signing only what they know. If you > claim to be somebody and they ping your address, they only know > your address. In that situation, isn't it better for them to sign a > "Thawte Freemail Member" ID than to have them sign an existing > key ID with a low-assurance key? Suppose it were a masquerade. Why? A low assurance key would be marked as such, and properly disrgarded by people who did not trust it. Though the "Freemail Member" uid doesn't bother me. It is the actual, full name certification that I have a problem with. The main keyid should be the one to bear the signature. > Wouldn't you hate to be Thawte in the position of explaining "Yeah, > we signed it without verifying the name, but we *said* we weren't sure"? Again, a signature by a key saying "Zero Level Trust" or some such imparts just that: zero trust (except for the fact that they do ping the email address.) But again, I don't see this as the problem. It is the next point that I would like to see changed. > For the higher levels, where they do know your name, they could indeed > check the primary ID and sign it if it matches the information they have > on file. For a primary ID as straightforward as yours it should even be > possible to automate the recognition that "L. Sassaman" is a synonym > for "Leonard Sassaman". But in general, wouldn't it require human > intervention to check that the name in the primary ID really meant the > same as the name in the Thawte WoT database? Not that I'm objecting > to humans, some of my best friends are humans, but they do raise the > cost of everything they touch. RealHumans[tm] at Thawte do intervene every time an ID assertion is made by a notary. The only true automation is with the initial "Thawte Freemail Member" key. Having L. Sassaman examined and determined to be the equivalent of Leondard Harris Sassaman would take no additional effort on the part of Thawte. > The point about poor usability with PGP is well taken. I've got a few > people > on my keyring who have only one valid userID, where the valid userID is > not the primary one. If I try to send encrypted email to such a person, the > valid ID (e..g Thawte Freemail Member ) doesn't show up > in the key selection dialog. I have to manually expand someone's key to > see if any secondary ID's are valid. Icky indeed. Nod. > The point about separate signing keys for different levels of assurance > is well taken too. I have a separate signing key for people like my > relatives and long-term friends, to signal that I have more than just a > driver's license worth of confidence in their identity. It amazes me that they are so obtuse with the idea of security by not signing main key IDs, but have not yet implemented a mechanism for destinguishing between their "0 Point Trust Members" and their "100 Point Trust Members" As I have stated before, I would be very willing to discuss a revamped model of signing with the Thawte folks, so that their PGP verification efforts can be improved. The ball is in their court.. > Fred the information sponge > > > > > ------------------------------------------------------------------------- > To retrieve this thread, e-mail: pgp-users-thread-12770@joshua.rivertown.net > To unsubscribe, e-mail: pgp-users-unsubscribe@joshua.rivertown.net > For additional commands, e-mail: pgp-users-help@joshua.rivertown.net > DO NOT send administrative requests/command to the list! Thanks. > __ L. Sassaman System Administrator | "All of the chaos Technology Consultant | Makes perfect sense..." icq.. 10735603 | pgp.. finger://ns.quickie.net/rabbi | --Joe Diffie -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.1 (GNU/Linux) Comment: OpenPGP Encrypted Email Preferred. iD8DBQE4m3UkPYrxsgmsCmoRAlW7AJ9pboWBGHYoitWbQU9kb1kGeF6/3ACg5NDb jR40njbH5c0GGXePorvjD5I= =NcXn -----END PGP SIGNATURE----- From padgett@gdi.net Fri, 04 Feb 2000 23:32:51 -0500 Date: Fri, 04 Feb 2000 23:32:51 -0500 From: Padgett 0sirius padgett@gdi.net Subject: [PGP]: Re: Food for Thawte Suspect that the necessary disclosure is just the schema - (x of y keys and valid only inside secure location z). That is how those on this side of the pond do it and is not that difficult. Doubt that anyone really care *who* the "y" people are. One comment though: hasn't history shown that reliance on proprietary things (security by obscurity) just does not work ? (or does only until the right less-than-gruntled employee is found). And companies that rely on such do not last ? In short, why would anyone "trust" someething proprietary when other companies offer the same thing using open and reviewed standards ? btw there may be only one "Bruce" but you can't read his signature. A. Padgett Peterson, P.E., CISSP: Cybernetic Psychophysicist Anti-Virus, Cryptographics, & Antique Radio Researcher http://www.freivald.org/~padgett/index.html mailto:padgett@gdi.net PGP 6.5 Key on request From jya@pipeline.com Sat, 05 Feb 2000 11:10:05 -0500 Date: Sat, 05 Feb 2000 11:10:05 -0500 From: John Young jya@pipeline.com Subject: How Old Is TEMPEST? We are researching a timeline for the history of TEMPEST technology and found an account which claims the earliest discovery of compromising emanations was in 1918 by Herbert Yardley and his American Black Chamber cryptology unit of the military.(1) David Kahn writes in The Codebreakers that Yardley went Europe in 1918 to be instructed on Allies techniques for cryptanalysis and other intelligence tools, in British methods of M.I. 1(b).(2) We would appreciate leads or pointers to information in Great Britain on earliest mentions of TEMPEST technology, in particular any that might reveal whether it might have been the English who told Yardley about it. This is not to discount the possiblity that the 'invention' was made in the US and that Yardley may have informed the Allies of it. We are putting contributions on the timeline at: http://cryptome.org/tempest.old Thanks very much. (1) http://www.tscm.com/TSCM101tempest.html "TEMPEST was 'invented' in 1918 when Herbert Yardley and his staff of the Black Chamber were engaged by the U.S. Army to develop methods to detect, intercept, and exploit covert radio transmitters. The initial research identified that "normal unmodified equipment" was allowing classified information to be passed to the enemy through a variety of technical weaknesses. A classified program was then created to develop methods to suppress these "compromising emanations". However, the actual acronym known as TEMPEST was only coined in the late 60's and early 70's (and is now considered an obsolete term, which has since, been replaced by the phrase "Emissions Security" or EMSEC)." About the author: "James M. Atkinson is one of a small number of people who have been formally certified and trained by the NSA as a TEMPEST Engineer, and Cryptographic Technician. He has extensive experience with the design and development of SIGINT systems to exploit and/or control compromising emanations. Additionally, he has many hours of experience working deep inside highly classified U.S. and NATO cryptographic, communications, and computer systems." (2) The Codebreakers, Chapter 12, p. 354. From proff@iq.org 06 Feb 2000 21:08:18 +1100 Date: 06 Feb 2000 21:08:18 +1100 From: Julian Assange proff@iq.org Subject: [PGP]: FWD: Food for Thawte Bruce writes: > little to gain from this. Doing the same to someone who has control of Thawte's > keys however, would have some serious repercussions. > -- > Bruce Watermeyer > Thawte Certification This is a symptom of the monopolisation of trust, and is one of the reasons CA's have to go. Cheers, Julian. -- Warren Air Force Base in Cheyenne, Wyoming, recorded a message that one of its Minuteman III intercontinental ballistic missiles was about to launch from its silo due to a computer malfunction. To prevent the possible launch, an armored car was parked on top of the silo. - Shaun Gregory, The Hidden Cost of Deterrence: Nuclear Weapons Accidents, Brassey's UK, London, 1990, pp. 181-182. From midgley@mednetics.org Sun, 6 Feb 2000 00:52:52 -0000 Date: Sun, 6 Feb 2000 00:52:52 -0000 From: Adrian Midgley midgley@mednetics.org Subject: Re(2): How Old Is TEMPEST? Did I miss an expansion of the acronym TEMPEST? If so, apologies, and grateful if somebody would ... From proff@iq.org 06 Feb 2000 21:14:16 +1100 Date: 06 Feb 2000 21:14:16 +1100 From: Julian Assange proff@iq.org Subject: [PGP]: Re: Food for Thawte "L. Sassaman" writes: > On Fri, 4 Feb 2000, John Doe Number Two wrote: > > > PS: You might consider adding your surname to your email 'from' line. In > > the world of crypto, there is only one Bruce and you are not him. > > That was uncalled for. And yet unintentionally illustrative. Cheers, Julian -- Warren Air Force Base in Cheyenne, Wyoming, recorded a message that one of its Minuteman III intercontinental ballistic missiles was about to launch from its silo due to a computer malfunction. To prevent the possible launch, an armored car was parked on top of the silo. - Shaun Gregory, The Hidden Cost of Deterrence: Nuclear Weapons Accidents, Brassey's UK, London, 1990, pp. 181-182. From mjdb@dorevale.demon.co.uk Sun, 6 Feb 2000 12:52:10 +0000 (GMT) Date: Sun, 6 Feb 2000 12:52:10 +0000 (GMT) From: M J D Brown mjdb@dorevale.demon.co.uk Subject: How Old Is TEMPEST? On Sat 05 Feb, John Young wrote: > We are researching a timeline for the history of TEMPEST > technology and found an account which claims the earliest > discovery of compromising emanations was in 1918 by > Herbert Yardley and his American Black Chamber > cryptology unit of the military.(1) > > David Kahn writes in The Codebreakers that Yardley went > Europe in 1918 to be instructed on Allies techniques for > cryptanalysis and other intelligence tools, in British > methods of M.I. 1(b).(2) The earliest mention of TEMPEST effects that I can recall relates to the interception by earth loop leakage of enemy field telephone conversations in late-1914. Prior to WW1, field telephones were connected using a single core insulated cable and earth return via ground spikes. This halved the weight and bulk of telephone cable to be laid; important considerations when keeping mobile brigade headquarters connected to rear divisional headquarters. The British Army used horse-drawn cable wagons from which cable could be laid at a full gallop; the most prized crew position being that of the horseman whose task was to guide the cable safely onto the top of a hedgerow or into a roadside ditch by means of a stick with a metal loop on its end. After the initial manoeuvres, WW1 quickly settled into static field siege warfare on the Western Front, in which units of the opposing sides were often entrenched within a very few hundred yards of each others' positions. As artillery fire direction became more important, telephone connections extended down to battalion/regimental level in the forward dugouts. It was very soon discovered that there was considerable crosstalk on field telephone circuits and that some of what could be heard emanated from the enemy side. Listening posts were quickly established to exploit the effect, using well-spaced earth spike pickups to maximise the strength of the intercepted signals. At the same time, of course, protective measures both procedural and technical were introduced; the latter including a massive programme to convert all field telephone circuits to a twin core cable configuration. All of the foregoing from memory of Major-General R F H Nalder's "History of the Royal Corps of Signals". I cannot recall the publication date, but probably middle-1950s, since I last saw a copy in 1964. The USA did not enter the WW1 until 1917, and I do not recall ever reading of any UK/USA intelligence cooperation prior to that date. Thus it seems improbable that the US Army could claim invention of TEMPEST technology per se, though there is no reason to dispute that Yardley and his colleagues were working in the radio effects field in 1918. It would be interesting to hear more about exactly what they were exploiting or protecting against; I think it would be too early for them to be direction-finding on superheterodyne oscillator signals radiated from spies' radio receivers. Regards to all, Mike. -- M J D Brown: Newhaven, Peterchurch, Herefordshire HR2 0RT, England From padgett@gdi.net Sun, 06 Feb 2000 10:08:55 -0500 Date: Sun, 06 Feb 2000 10:08:55 -0500 From: Padgett 0sirius padgett@gdi.net Subject: [PGP]: FWD: Food for Thawte > one of its Minuteman III intercontinental ballistic missiles was > about to launch from its silo due to a computer malfunction. To > prevent the possible launch, an armored car was parked on top of > the silo. Given our level of efficiency they probably parked on the wrong silo... A. Padgett Peterson, P.E., CISSP: Cybernetic Psychophysicist Anti-Virus, Cryptographics, & Antique Radio Researcher http://www.freivald.org/~padgett/index.html mailto:padgett@gdi.net PGP 6.5 Key on request From bill@dial.pipex.com Sun, 6 Feb 2000 15:49:39 -0000 Date: Sun, 6 Feb 2000 15:49:39 -0000 From: Bill Thompson bill@dial.pipex.com Subject: Lottery To Run On PC Technology -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 It seems (http://news.bbc.co.uk/hi/english/business/newsid_632000/632723.stm) that Bill Gates/Microsoft are to work with Richard Branson's proposed 'People's Lottery' to provide technology to run the draw on, assuming Branson's bid is successful. Gates told Breakfast With Frost: "The lottery terminals in the past have not used PC technology and there hasn't been a way of leveraging all the things which are going on with the internet'. So presumably we should all be re-reading our copies of Ross's paper on how to cheat at the lottery, looking forward to the day when the local newsagent's terminal is running Windows 2000 and we can buy tickets direct over the Web. With MS's crypto making sure it's all safe and secure. Am I the only one to be worried by this? Bill Thompson -----BEGIN PGP SIGNATURE----- Version: PGPfreeware 6.5.1 Int. for non-commercial use iQA/AwUBOJ2XiVNT/DkNet0bEQLRzgCg2SkP5qZh6nwzohzD058AethwwxwAmgKc T4DVjPzd0UAADtD2NFlMm6ML =q6OY -----END PGP SIGNATURE----- From brian.gladman@btinternet.com Sun, 6 Feb 2000 16:37:29 -0000 Date: Sun, 6 Feb 2000 16:37:29 -0000 From: Brian Gladman brian.gladman@btinternet.com Subject: Lottery To Run On PC Technology From: "Bill Thompson" To: "Ukcrypto@Maillist. Ox. Ac. Uk" Sent: Sunday, February 06, 2000 3:49 PM Subject: Lottery To Run On PC Technology [snip] > Gates told Breakfast With Frost: "The lottery terminals in the past > have not used PC technology and there hasn't been a way of leveraging > all the things which are going on with the internet'. So presumably > we should all be re-reading our > copies of Ross's paper on how to cheat at the lottery, looking > forward to the > day when the local newsagent's terminal is running Windows 2000 and > we can buy > tickets direct over the Web. With MS's crypto making sure it's all > safe and secure. > > Am I the only one to be worried by this? > > Bill Thompson > No - I groaned as well when this was said - high functionality, low assurance lottery terminals - just what we need. Richard Branson's claim that he would be able to create a millionaire a day may be right but not quite in the way he expects! Brian From hcorn@cix.co.uk Sun, 6 Feb 2000 18:42 +0000 (GMT Standard Time) Date: Sun, 6 Feb 2000 18:42 +0000 (GMT Standard Time) From: Peter Sommer hcorn@cix.co.uk Subject: Lottery To Run On PC Technology Sounds utterly unthought-out. Is the aim that *newsagents* will have PC-based lottery terminals or that *every* Internet-connected PC becomes a lottery terminal the moment it logs on to a National Lottery web-site? If the latter, how, among other things, are they going to prevent under-age purchase? |-> Peter Sommer -------------------------------------------------->| |-> hcorn@cix.co.uk P.M.Sommer@lse.ac.uk ------------------------->| |-> Academic URL: http://csrc.lse.ac.uk/People/SommerP/SommerP.htm ->| |-> Commercial URL: http://www.virtualcity.co.uk ------------------>| From 1tc@hehe.com Sun, 06 Feb 00 13:57:54 EST Date: Sun, 06 Feb 00 13:57:54 EST From: 1tc@hehe.com 1tc@hehe.com Subject: CHECK THIS OUT!!! THE NUDE CELEBRITY COLLECTION!!! Are You Tired of Spending Countless Hours Searching for Pictures of Nude Celebrities? Well The Search is Over!!!!!! Celebrite Nudes CD-Rom with 640+ Meg of Images Over 8500 Different Images Plus Many Extras!!! This CD-ROM contains some of the Hottest Actresses, Playboy Centerfolds, Singers, Models, and every Other Celebrity out there. Don't waste your time searching the net for pay sites when all you need is this CD. The CD includes over 640 Megs of different pictures with pictures of celebrities such as, Shannon Tweed, Uma Thurman, Virginia Madsen, Winona Ryder,Alice Krieg, Annett O'Toole, Angela Bassett, Anne Archer,Bridgette Fonda, Patricia Arquette, Penelope Anne Miller, Robin Wright, Salma Hayek, Vivica Fox, Leeza Gibbons, Sandra Bernhard, Diane Sawyer, Princess Di, Gennifer Flowers, Fergie, Angie Everhart, Anna Nicole Smith, The Barbi Twins, Bo Derek, Christie Brinkley, Christy Turlington, Cindy Crawford, Claudia Schiffer, Danielle House, Elle McPhearson, Jenny McCarthy, Jessica Hahn, Kate Moss, Kathy Ireland, Naomi Campbell, Niki Taylor, Pam Anderson, Stacy Sanches, Tawny Kitean, Tyra Banks, Vendela Kiirsenbaum, Booke Shields, Carol Alt, Paula Barbieri, Rebecca Romijn, Barbi Benton, Carmen Electra, Cline Dion, Cher, Courtney Love, Daisy Fuentes, Janet Jackson, Jewel, Lita Ford, Madonna, Mariah Carey, Samatha Fox, Spice Girls, Toni Braxton, Vaness Williams, Barbara Streisand, Fem 2 Fem, Stevie Nicks, TLC, Donna D'Errico, Gina Lee Nolin, Nicole Eggert, Yasmine Bleeth, Sharon Stone, Geena Davis, Halle Berry, Jennifer Lopez, Julia Roberts, Lauren Holly, Linda Hamilton, Lolita Davidovich, Marilu Henner, Marisa Tomei,Marla Maples Trump, Mary Elizabeth Masterantonio, Donna Mills, Heather Locklear, Kim Delaney, Linda Carter, Lucy Lawless, Nicolette Sheridan, Shannon Doherty, Tori Spelling, Gillian Anderson, Jennie Garth, Neve Campbell, Vanna White, Alicia Silverstone, Alyssa Milano, Goldie Hawn, Jennifer Anniston, Suzanne Sommers, Tiffany Amber-Thiessen, Christina Applegate, Courtney Cox, Julia- Lewis Dreyfuss, Lisa Kudrow, Phoebe Cates, Robin Givens, Ashley Judd, Bridgett Nielson, Cameron Diaz, Daryll Hannah, Demi Moore, Drew Barrymore, Elizabeth Shue, Farrah Fawcett, Gwyneth Paltrow, Jamie Lee Curtis, Jane Seymour, Jodie Foster, Kate Winslett, Kelly Preston, Kim Bassinger, Linda Carter, Live Tyler, Meg Ryan, Melanie Griffith, Michelle Pfeiffer, Natasha Kinski, Nicole Kidman, Renee Russo, Rosanna Arquette, Sandra Bullock, Whitney Houston, Adrienne Barbeau, Marilyn Monroe, Meryl Streep, Natalie Wood, Raquel Welch, Sophia Loren, Grace Kelley, Cheryl Tiegs, Monica Seles, Stefi Graf, Tonya Harding, Katarina Whitt, Maria Shriver and so much more. How could you go wrong? There are many many more on this CD. If I tried to name them all, I would still be typing. For all you Picture editors, there is a Fake Photos section on the cd. With over 8500 pictures to work with, you can come up with some pretty crazy pics. Also Included in This Great Collection is the Infamous Pamela and Tommy Lee Videos. Besides just having Pamela and Tommy Lee, the CD has a video section including videos of Jennifer Connelly, Lea Thompson, Patty Ford, Appolonia, Teri Hatcher, Jamie Lee Curtis, Alyssa Milano, Anna Nicole Smith, Jenny McCarthy, and Erika Elaynik. For a Bonus, there is a program included on the CD to make Screen Savers. With over 8500 pictures the options are limitless. There are many Nude Celebrity CD-ROMS on the Web, but this is by far the Biggest and the Best Collection out there. Cash, Checks, and Money Orders Accepted. You Must Be 18 Years or Older To Purchase this CD!!! Also Available: Nude Celebrity Videos, Collection # 1 & Collection # 2. Purchase each CD for $10.00 + $2.00 (U.S.) shipping & handling, or take advantage of This Great Offer: Purchase All 3 CD's for Only $29.95 (U.S) & Your Shipping & Handling is FREE!!! Please fill out the order form below and specify which CD's you are ordering. QUANTITY S&H TOTAL NUDE CELEBRITIES: COLLECTION #1 : COLLECTION #2 : TOTAL AMOUNT of PURCHASE: ___________ Please send concealed cash, check, or money order for your purchase of the above cd's to: P. Calderone P.O. Box 205 Brodheadsville, PA 18322-205 U.S.A. INTERNATIONAL ORDERS, PLEASE ADD $3.00 (U.S.) FOR ADDITIONAL SHIPPING & HANDLING. P.S. PLEASE INCLUDE YOUR E-MAIL ADDRESS Thank You & Have a Nice Day :o) This message complies with the proposed United States Federal requirements for commercial e-mail bill, Section 301. Per Section 301, Paragraph (a) (2) (c) of S.1618, further transmissions to you by the sender of this e-mail may be stopped at no cost to you by sending a reply to this e-mail on the subject line,or the above address for you to be removed from our mailing list. For additional info., see: http://www.senate.gov/~murkowski/commercialemail/EMailAmendText. html DUE TO CERTAIN RESTRICTIONS, THIS PRODUCT IS NOT AVAILABLE IN THE STATE OF WASHINGTON. From nigel@titley.com Mon, 07 Feb 2000 00:14:15 +0000 Date: Mon, 07 Feb 2000 00:14:15 +0000 From: Nigel Titley nigel@titley.com Subject: Lottery To Run On PC Technology Bill Thompson wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > It seems > (http://news.bbc.co.uk/hi/english/business/newsid_632000/632723.stm) > that Bill Gates/Microsoft are to work with Richard Branson's proposed > 'People's > Lottery' to provide technology to run the draw on, assuming Branson's > bid > is successful. > > Gates told Breakfast With Frost: "The lottery terminals in the past > have not used PC technology and there hasn't been a way of leveraging > all the things which are going on with the internet'. So presumably > we should all be re-reading our > copies of Ross's paper on how to cheat at the lottery, looking > forward to the > day when the local newsagent's terminal is running Windows 2000 and > we can buy > tickets direct over the Web. With MS's crypto making sure it's all > safe and secure. > > Am I the only one to be worried by this? Well, given that I've always regarded the lottery as a tax on stupidity, I can't say I'm overly worried. Nigel Titley From Q.G.Campbell@newcastle.ac.uk Mon, 7 Feb 2000 09:03:18 +0000 (GMT) Date: Mon, 7 Feb 2000 09:03:18 +0000 (GMT) From: Quentin Campbell Q.G.Campbell@newcastle.ac.uk Subject: Food for Thawte On Fri, 4 Feb 2000, Brian Morrison wrote: > >And this will not change until we can have a high degree of confidence in > >the security properties of operating systems, which I believe is a long way > >off. > > And of course one has to ask why OS security is so poor thus far. Some > people sticking their oars in methinks. > Brian Yes, but not in the way that you imply. Who needs spooks medling when you have MS designers, managers and system engineers doing a better job without realising it! Brian Gladman's point is well made as anyone with a practical or academic background in OS design, maintenance and development will tell you. OS security was a problem well before networks were in (common) use. There are members of this list who taught me operating system design principles as an under-graduate almost 30 years ago and the security problems they described then are still with us today. Quentin -- PHONE: +44 191 222 8209 Computing Service, University of Newcastle FAX: +44 191 222 8765 Newcastle upon Tyne, United Kingdom, NE1 7RU. ------------------------------------------------------------------------- "Any opinions expressed above are mine. The University can get its own." From I.Brown@cs.ucl.ac.uk Mon, 07 Feb 2000 09:55:36 +0000 Date: Mon, 07 Feb 2000 09:55:36 +0000 From: Ian Brown I.Brown@cs.ucl.ac.uk Subject: Some fun viewing for tonight... Privacy International Director to Host BBC Documentary PI Director General Simon Davies will present a prime-time television documentary on BBC2 at 7.30 PM, Monday February 7. "The Death of Privacy" explores a range of surveillance techniques, including Automatic Face Recognition, communications interception and database matching. The program also describes attempts to establish a UK national DNA database supplied with samples from traffic offenders and illegal protesters. Davies also spends time offering some subversive techniques to undermine privacy invasion. A web forum will follow the show at http://www.bbc.co.uk/knowledge About Privacy International Privacy International (PI) is a human rights group formed in 1990 as a watchdog on surveillance by governments and corporations. PI is based in London, England, and has an office in Washington, D.C. PI has conducted campaigns throughout the world on issues ranging from wire tapping and national security activities, to ID cards, video surveillance, data matching, police information systems, and medical privacy. More information on Privacy International is available at: http://www.privacyinternational.org/ From Rodney.Tillotson@ukerna.ac.uk Mon, 07 Feb 2000 10:56:23 +0000 Date: Mon, 07 Feb 2000 10:56:23 +0000 From: Rodney Tillotson Rodney.Tillotson@ukerna.ac.uk Subject: How Old Is TEMPEST? At 12:52 06/02/2000, Mike Brown wrote: > ... Prior to WW1, field telephones ... > ... The British Army used horse-drawn cable wagons ... I am not unspeakably ancient but I did this -- in the early 1960s, in the school Cadet Force along the lanes of Sussex and with teams of highly-trained runners instead of a horse. The handsets were 1939-45 or later and I believed at the time that single-wire working had been current practice during that war. > It was very soon discovered that there was considerable crosstalk > on field telephone circuits ... That too. No hint to the enthusiastic youngsters that twin-wire was normal in the field. Rodney. From donald@ramsbottom.co.uk Mon, 07 Feb 2000 12:38:52 +0000 Date: Mon, 07 Feb 2000 12:38:52 +0000 From: Donald Ramsbottom donald@ramsbottom.co.uk Subject: DVD -deCSS Court case SNIP > >It was in the California court that CSS, a trade secret, was mistakenly >filed as an exhibit to a plaintiff declaration as an open public record >and was then subsequently sealed after the error was revealed by >publishing the open document on the Web. > >The order to seal is applicable only to members of the bar and >court officials who are forbidden to copy CSS. The order does not apply >to any citizen who may freely copy the court record and CSS, nor >does the order apply to the online version (which we can report >as the host has been downloaded now 70,000 times). > >Beyond this nutshell I'd better not go, for the technical and >legal issues involve interpretations beyond my abilities -- but >not beyond my stupid convictions: we continue to offer DeCSS >on our site, and remain one of 521 defendants in the California >case. Not yet sued in New York, our majestic squat. > John, or anyone else who may know, What was the Court URL for the Calfiornian case? was it actually the Court who posted the exhibit to the declaration, or was it a third party obtaining a copy and then posting it. It is academic now I know, but it would be interesting if it were the Court as the de facto position is that the code has been published and is irretreivably in the public domain and even if the de jure position is different the claim would appear to unsustainable, especially if it were the Courts mistake or even better if the Plaintiff did not make it clear that the documentation was in camera. Just more musings which may or may not help. I do not know whether there is a "Spycatcher" defence available in Ca but with 70,000 downloads from a single site out of 521 known sites, if ever there was a case for it, it is this one. Perhaps a US/Ca Lawyer could comment. Donald Ramsbottom LL.B, BA (Hons). RAMSBOTTOM & Co. Solicitors Internet Law & Global Cryptology Law Specialists From jya@pipeline.com Mon, 07 Feb 2000 08:42:59 -0500 Date: Mon, 07 Feb 2000 08:42:59 -0500 From: John Young jya@pipeline.com Subject: DVD -deCSS Court case Donald Ramsbottom wrote: >What was the Court URL for the Calfiornian case? was it actually the Court >who posted the exhibit to the declaration, or was it a third party obtaining >a copy and then posting it. I don't believe the California Court has put any of the case documents online; if it has I would appreciate learning where. As far as I know, Cryptome was the first to put the declaration online, but there may have been others who did so, for several defendants were sent hardcopies by the plaintiffs. The copy to Cryptome was sent anonymously shortly after the court filing. Because we are not cryptographers we did not realize the significance of the CSS revelation until someone called attention to it on Slashdot a few days later and all hell broke loose with a tsunami of downloads. Based inaccurate notations on the CSS hardcopy I suspect that Mr. Hoy or his attorneys did not fully understand what code the exhibit revealed. According to those at the hearing to seal, the plaintiffs did not know of the error until news reports appeared; the court denied plaintiffs' request to order online removal. I have not seen a transript of the hearing. The impact of the disclosure will be contested before or during trial. The plaintiffs claim (in the press) that the mistake is insignificant; because the document now has been sealed, the trade secret remains properly protected and should not be publicized. Defendants claim open publication has undermined the trade secret. I've been told that the court is obliged to keep public records open, and once made public cannot be totally closed to public access. This is not the first weirdness of crypto law: In the Karn v. US suit involving digital versions of the algorithms in Bruce Schneier's "Applied Cryptography," the US has refused to officially permit online publication even though the files have been available online in Europe for over two years. I understand that the US position is that no matter the fact of foreign availability, permission has not been officially granted, thus any US online publication would be illegal. (Phil Karn says that a letter of permission is due shortly in response to latest US crypto export regs.) From ijackson@chiark.greenend.org.uk Mon, 7 Feb 2000 14:02:26 +0000 (GMT) Date: Mon, 7 Feb 2000 14:02:26 +0000 (GMT) From: Ian Jackson ijackson@chiark.greenend.org.uk Subject: Lottery To Run On PC Technology Nigel Titley writes ("Re: Lottery To Run On PC Technology"): > Well, given that I've always regarded the lottery as a tax on > stupidity, I can't say I'm overly worried. This is getting rather off-topic, but actually the lottery is an overpriced source of hope for those who otherwise have little or none. Or, to put it another way, playing the lottery is only stupid if your utility function for money has certain shapes, which are not the only possible sensible ones. People who already have good prospects (like most of those here on this list) are much more likely to have utility functions where playing the lottery is not helpful, but that doesn't extrapolate to the rest of society. Ian. From richard@turnpike.com Mon, 7 Feb 2000 14:47:18 +0000 Date: Mon, 7 Feb 2000 14:47:18 +0000 From: Richard Clayton richard@turnpike.com Subject: Food for Thawte -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In article <002101bf6efc$2788bd70$30a8ac3e@fortytwo>, Brian Gladman writes >Where I have found a need to know the something about a cyberspace entity >that I am dealing with is when I visit an e-commerce site from which I want >to make a purchase. Here I do want to know that when I visit a site that >purports to be 'Company X's' site really is their site and not some crooked >outfit masquerading as them. I am less concerned about a mere visit. But my concern would rise if I was starting to consider placing an order or passing over some personal information to them. >For a number of reasons I may have come to >trust the 'real world' company even though I have no real world relationship >with them and I do want to know that this trust will carry over into >cyberspace. And, in contrast with my relationships with people, I will >often have no easy way of confirming the relationship between the real world >company and its cyberspace 'alter ego'. I agree that this relationship issue is a real problem... >When this is looked at in more detail what I really want from any >countersignature on an e-commerce site certificate is not identity >information but rather a guarantee from the counter-signatory that if >anything goes wrong in my transactions with the site they will underwrite >any losses or damage that I may incur. I want their couter-signature >signature not to underwrite identity as such (although this is of some value >here) but rather to carry insurance covering my risks. ... and that this is a possible practical response. However, I suspect that is going to push up the cost of such certificates considerably - there are many things that can go wrong with transactions besides giving your credit card number to an imposter, and I suspect that getting the small print right (viz: to engender trust in the consumer whilst excluding non-impersonation issues) is going to be complex. I am unconvinced that what ECommerce needs right now is higher costs of entry - which is what such certificates would mean. Another way of looking at Brian's point that identity certification is of limited value - is to look at one real example (and one could find thousands more, I found this one almost immediately when I looked). This example shows pretty clearly that identity per se is not especially useful: Let us suppose that you would like to purchase a game online from Electronics Boutique (whose shops one can see on many High Streets). A few moments with a search engine will lead you to www.eb.uk.com which is (a little clicking will show you) apparently owned by EB Stores Group Ltd. a company I had never heard of before and which, despite its grand title could be run by almost anyone. Is this or is this not the UK web site for "Electronics Boutique" ? I think I can answer that in the affirmative. The reason for that is that I believe that I have recognised their trade mark. Mind you... when I avoid the search engine and just try using the DNS as a search engine I then find a completely different site at www.electronicsboutique.com (redirected to www.ebworld.com). This is in fact the US site - and it has a pretty seal on it issued by Verisign. I can find no link on it to a UK site, and the top levels of the UK site appear to be a secret from Verisign as well... but at least the trademark looks the same... so perhaps one loses trust in Americans to believe in other countries rather than losing trust in the identity of the UK site. So to recap on this -- my trust, such as I need it to look at the site, seems to depend on the trademark and little else! If, however, I proceed to buy something, then, hidden away behind the scenes, my faith in the https: server can be placed in Verisign and British Telecommunications plc. (this is "trustwise", of which a certain amount has been written on this list). This might cheer one up (BT have issued a class 3 certificate), but of course all they have done is to verify that EB Stores Group Ltd are a real company, known to Dun and Bradstreet and contactable on the telephone. They have NOT attested to any relationship between that company and my friendly High Street shop. Perhaps what is needed to boost confidence is for the certificates to be issued to record the validity of (and permission to use) the trademark rather than certifying the identity of the merchant - which it turns out one never knew in the first place. However, is this actually a real problem ? In the High Street there would be rapid action if an imposter started copying store-fronts - the laws of passing-off and trademark infringement would be wheeled out as soon as anyone noticed. Similar action would be taken if an imposter started sending mailshots which plied for trade under false pretences. ie: commerce seems to have moved into other areas without having to build new infrastructures to support the use of trademarks in these new areas. Is cyberspace really so much faster and complex that we need to swap everything round and have the user doing the due diligence checks, whether these be on identity or trademarks or membership of ABTA or adherence to some E-Trust scheme ? Strong encryption does seem to make such things possible (though you need to concentrate on what was _actually_ proved) - but some days I think we're guilty of using a technology because we can, rather than because we actually need to. >Carl Ellison, Nicholas Bohm and I have a paper covering aspects of this >issue at: http://jya.com/bg/digsig.pdf and Carl and Bruce Schneier have >written recently about the PKI issues in particular. The paper is good, I was pleased to be prompted to reread it. - -- richard writing to inform and not as company policy fewer than 20 MPs still need adopting: http://www.stand.org.uk/ "Assembly of Japanese bicycle require great peace of mind" quoted in ZAMM -----BEGIN PGP SIGNATURE----- Version: PGPsdk version 1.7.1 iQA/AwUBOJ7a9jH5BMWRRATGEQLSKwCdHwzNZ/NssDk6xljUZKXkHhD9GIIAnia8 eScS8IgJ8XJS/sp4++chz3KN =9tCa -----END PGP SIGNATURE----- From ben@algroup.co.uk Mon, 07 Feb 2000 14:47:13 +0000 Date: Mon, 07 Feb 2000 14:47:13 +0000 From: Ben Laurie ben@algroup.co.uk Subject: RSA flier? Does anyone have a copy of the RSA flier going about with a picture of a car on the front, in which the scurrilous claim that free software is not supported or maintained is made? I had one, but its, err, in use by the ASA. :-) Cheers, Ben. -- SECURE HOSTING AT THE BUNKER! http://www.thebunker.net/hosting.htm http://www.apache-ssl.org/ben.html Y19100 no-prize winner! http://www.ntk.net/index.cgi?back=2000/now0121.txt From donald@ramsbottom.co.uk Mon, 07 Feb 2000 15:51:13 +0000 Date: Mon, 07 Feb 2000 15:51:13 +0000 From: Donald Ramsbottom donald@ramsbottom.co.uk Subject: DVD -deCSS Court case SNIP >I don't believe the California Court has put any of the case documents >online; if it has I would appreciate learning where. > OK, I surmise that if JY does not know, then it was never put up by the Court. >Because we are not cryptographers we did not realize the significance >of the CSS revelation until someone called attention to it on Slashdot >a few days later and all hell broke loose with a tsunami of downloads. >Based inaccurate notations on the CSS hardcopy I suspect that Mr. Hoy >or his attorneys did not fully understand what code the exhibit >revealed. Now this is interesting as if the attorneys exhibited the code without realising its significance, then (if they were based in the UK)they (the attorneys) would be potentially negligent. Now if I were those lawyers I'd be checking my professional indemnity insurance, as the MAP would then have a potential claim against them which could produce some real money rather than the absurd sabre rattling which is currently acheiving nothing other than make MAP look a little silly by locking the stable door aftert the horse (or code) has bolted. This would also get the executives at MAP off the hook because they could blame the debacle on the attorneys! > >According to those at the hearing to seal, the plaintiffs did not know of >the error until news reports appeared; the court denied plaintiffs' request >to order online removal. I have not seen a transript of the hearing. Would anyone care to post a copy of the transcript if they have it, or email it to me if they are worried. > >The impact of the disclosure will be contested before or during trial. >The plaintiffs claim (in the press) that the mistake is insignificant; >because >the document now has been sealed, the trade secret remains properly >protected and should not be publicized. Defendants claim open >publication has undermined the trade secret. I've been told that >the court is obliged to keep public records open, and once made >public cannot be totally closed to public access. The Djinn is out of the bottle. In the UK HMG were forced to stop their action in the Spy catcher case as it was patently absurd to continue. > >This is not the first weirdness of crypto law: In the Karn v. US suit >involving digital versions of the algorithms in Bruce Schneier's >"Applied Cryptography," the US has refused to officially permit online >publication even though the files have been available online in >Europe for over two years. I understand that the US position is that >no matter the fact of foreign availability, permission has not been >officially granted, thus any US online publication would be illegal. >(Phil Karn says that a letter of permission is due shortly in response >to latest US crypto export regs.) I have this case somewhere and will dig it out. But what we really need is a friendly US attorney to give a more informed opinion. Any takers out in cryptoland? Donald Ramsbottom LL.B, BA (Hons). RAMSBOTTOM & Co. Solicitors Internet Law & Global Cryptology Law Specialists From nbohm@ernest.net Mon, 07 Feb 2000 15:58:38 +0000 Date: Mon, 07 Feb 2000 15:58:38 +0000 From: Nicholas Bohm nbohm@ernest.net Subject: Food for Thawte In article <002101bf6efc$2788bd70$30a8ac3e@fortytwo>, Brian Gladman writes >Where I have found a need to know the something about a cyberspace entity >that I am dealing with is when I visit an e-commerce site from which I want >to make a purchase. Here I do want to know that when I visit a site that >purports to be 'Company X's' site really is their site and not some crooked >outfit masquerading as them. > >I am less concerned about a mere visit. But my concern would rise if I >was starting to consider placing an order or passing over some personal >information to them. > >>For a number of reasons I may have come to >>trust the 'real world' company even though I have no real world relationship >>with them and I do want to know that this trust will carry over into >>cyberspace. And, in contrast with my relationships with people, I will >>often have no easy way of confirming the relationship between the real world >>company and its cyberspace 'alter ego'. > >I agree that this relationship issue is a real problem... > >>When this is looked at in more detail what I really want from any >>countersignature on an e-commerce site certificate is not identity >>information but rather a guarantee from the counter-signatory that if >>anything goes wrong in my transactions with the site they will underwrite >>any losses or damage that I may incur. I want their couter-signature >>signature not to underwrite identity as such (although this is of some value >>here) but rather to carry insurance covering my risks. > >.... and that this is a possible practical response. > >However, I suspect that is going to push up the cost of such >certificates considerably - there are many things that can go wrong with >transactions besides giving your credit card number to an imposter, and >I suspect that getting the small print right (viz: to engender trust in >the consumer whilst excluding non-impersonation issues) is going to be >complex. > >I am unconvinced that what ECommerce needs right now is higher costs of >entry - which is what such certificates would mean. > >Another way of looking at Brian's point that identity certification is >of limited value - is to look at one real example (and one could find >thousands more, I found this one almost immediately when I looked). > >This example shows pretty clearly that identity per se is not especially >useful: > > Let us suppose that you would like to purchase a game online from > Electronics Boutique (whose shops one can see on many High Streets). > > A few moments with a search engine will lead you to www.eb.uk.com > which is (a little clicking will show you) apparently owned by EB > Stores Group Ltd. a company I had never heard of before and which, > despite its grand title could be run by almost anyone. > > Is this or is this not the UK web site for "Electronics Boutique" ? > > I think I can answer that in the affirmative. The reason for that is > that I believe that I have recognised their trade mark. > >Mind you... when I avoid the search engine and just try using the DNS as >a search engine I then find a completely different site at >www.electronicsboutique.com (redirected to www.ebworld.com). > >This is in fact the US site - and it has a pretty seal on it issued by >Verisign. I can find no link on it to a UK site, and the top levels of >the UK site appear to be a secret from Verisign as well... but at least >the trademark looks the same... so perhaps one loses trust in Americans >to believe in other countries rather than losing trust in the identity >of the UK site. > >So to recap on this -- my trust, such as I need it to look at the site, >seems to depend on the trademark and little else! > >If, however, I proceed to buy something, then, hidden away behind the >scenes, my faith in the https: server can be placed in Verisign and >British Telecommunications plc. (this is "trustwise", of which a certain >amount has been written on this list). This might cheer one up (BT have >issued a class 3 certificate), but of course all they have done is to >verify that EB Stores Group Ltd are a real company, known to Dun and >Bradstreet and contactable on the telephone. They have NOT attested to >any relationship between that company and my friendly High Street shop. > >Perhaps what is needed to boost confidence is for the certificates to be >issued to record the validity of (and permission to use) the trademark >rather than certifying the identity of the merchant - which it turns out >one never knew in the first place. > >However, is this actually a real problem ? > >In the High Street there would be rapid action if an imposter started >copying store-fronts - the laws of passing-off and trademark >infringement would be wheeled out as soon as anyone noticed. > >Similar action would be taken if an imposter started sending mailshots >which plied for trade under false pretences. > >ie: commerce seems to have moved into other areas without having to >build new infrastructures to support the use of trademarks in these new >areas. > >Is cyberspace really so much faster and complex that we need to swap >everything round and have the user doing the due diligence checks, >whether these be on identity or trademarks or membership of ABTA or >adherence to some E-Trust scheme ? > >Strong encryption does seem to make such things possible (though you >need to concentrate on what was _actually_ proved) - but some days I >think we're guilty of using a technology because we can, rather than >because we actually need to. > >>Carl Ellison, Nicholas Bohm and I have a paper covering aspects of this >>issue at: http://jya.com/bg/digsig.pdf and Carl and Bruce Schneier have >>written recently about the PKI issues in particular. > >The paper is good, I was pleased to be prompted to reread it. > >-- >richard writing to inform and not as company policy > fewer than 20 MPs still need adopting: http://www.stand.org.uk/ >"Assembly of Japanese bicycle require great peace of mind" quoted in ZAMM > > >*** END PGP VERIFIED MESSAGE *** > > > Regards, Nicholas Bohm Salkyns, Great Canfield, Takeley, Bishop's Stortford CM22 6SX, UK Phone 01279 871272 (+44 1279 871272) Fax 01279 870215 (+44 1279 870215) Mobile 07715 419728 (+44 7715 419728) PGP RSA 1024 bit public key ID: 0x08340015. Fingerprint: 9E 15 FB 2A 54 96 24 37 98 A2 E0 D1 34 13 48 07 PGP DSS/DH 1024/3072 public key ID: 0x899DD7FF. Fingerprint: 5248 1320 B42E 84FC 1E8B A9E6 0912 AE66 899D D7FF From nbohm@ernest.net Mon, 07 Feb 2000 16:05:45 +0000 Date: Mon, 07 Feb 2000 16:05:45 +0000 From: Nicholas Bohm nbohm@ernest.net Subject: Food for Thawte [Replaces previous message sent in error] In article <002101bf6efc$2788bd70$30a8ac3e@fortytwo>, Brian Gladman writes >Where I have found a need to know the something about a cyberspace entity >that I am dealing with is when I visit an e-commerce site from which I want >to make a purchase. Here I do want to know that when I visit a site that >purports to be 'Company X's' site really is their site and not some crooked >outfit masquerading as them. This assumes you have some useful knowledge of Company X (satisfactory to you) to start with. If so, you have probably been to their shops or bought from their website before. Both types of visit could (if retailers got the hang of it) enable you to note their public key fingerprint/id. Then you can later check you're dealing with the same person (or someone else in control of the same private key). Certificates seem to be a side issue. Regards, Nicholas Bohm Salkyns, Great Canfield, Takeley, Bishop's Stortford CM22 6SX, UK Phone 01279 871272 (+44 1279 871272) Fax 01279 870215 (+44 1279 870215) Mobile 07715 419728 (+44 7715 419728) PGP RSA 1024 bit public key ID: 0x08340015. Fingerprint: 9E 15 FB 2A 54 96 24 37 98 A2 E0 D1 34 13 48 07 PGP DSS/DH 1024/3072 public key ID: 0x899DD7FF. Fingerprint: 5248 1320 B42E 84FC 1E8B A9E6 0912 AE66 899D D7FF From brian.gladman@btinternet.com Mon, 7 Feb 2000 18:12:01 -0000 Date: Mon, 7 Feb 2000 18:12:01 -0000 From: Brian Gladman brian.gladman@btinternet.com Subject: Food for Thawte From: "Nicholas Bohm" To: Sent: Monday, February 07, 2000 4:05 PM Subject: Re: Food for Thawte > [Replaces previous message sent in error] > > In article <002101bf6efc$2788bd70$30a8ac3e@fortytwo>, Brian Gladman > writes > [snip] > This assumes you have some useful knowledge of Company X (satisfactory to > you) to start with. If so, you have probably been to their shops or bought > from their website before. Both types of visit could (if retailers got the > hang of it) enable you to note their public key fingerprint/id. Then you > can later check you're dealing with the same person (or someone else in > control of the same private key). > > Certificates seem to be a side issue. > In large measure I agree with you but I stop short of saying that certificates are of no value. As you suggest, when I deal with a company both 'in the high street' and in cyberspace I have a real world relationship that can provide the basis to establish a link to their cyberspace 'alter ego'. This is the easy case - certificates offer nothing here since both I and the company can exchange our keys without need for third parties. But what do I do when the only relationship I have with a company is in cyberspace? This is a real situation since I already buy computer hardware, software and books from US companies with which I have no real world relationship and I do take a risk in doing this. In the long term both I and the company can develop trust in each other and this will allow us to develop trust in the authentication keys that we have exchanged without certificates. Initially, however, there are risks. Hence it would be nice to have a way of trusting them from the outset and here I do see a possible value in certificates of a particular form. In this specific situation, if a third party company that I do know and trust provided a certificate which carried meaning: 'if you have any problems, financial or otherwise, in undertaking an electronic transaction with this company, we will fully compensate you' then I would derive some value from it. However, this certificate has ***nothing*** to do with identity - it is an authorisation certificate that gives the company I am dealing with the authorisation to trade with me under the terms of an insurance policy offerred by a third party. However, this certificate has nothing to do with identity and since the only thing that goverments and much of the CA industry seem interested in are identity linked certificates we seem to be in a state of complete disconnect! So I agree with your assessment - certificates as they are seen by the UK government, by the EU (i.e. the recent Directive) and by much of the CA industry are very much a side issue. I am just pleading for people to avoid translating 'identity linked certificates are a side issue for electronic commerce' into 'all forms of certificate are a side issue for electronic commerce'. Brian From Ian.Johnson@uwe.ac.uk Mon, 07 Feb 2000 18:20:03 +0000 Date: Mon, 07 Feb 2000 18:20:03 +0000 From: Ian Johnson Ian.Johnson@uwe.ac.uk Subject: Food for Thawte Richard Clayton wrote: > > >When this is looked at in more detail what I really want from any > >countersignature on an e-commerce site certificate is not identity > >information but rather a guarantee from the counter-signatory that if > >anything goes wrong in my transactions with the site they will underwrite > >any losses or damage that I may incur. I want their couter-signature > >signature not to underwrite identity as such (although this is of some value > >here) but rather to carry insurance covering my risks. > > ... and that this is a possible practical response. > > However, I suspect that is going to push up the cost of such > certificates considerably - there are many things that can go wrong with > transactions besides giving your credit card number to an imposter, and > I suspect that getting the small print right (viz: to engender trust in > the consumer whilst excluding non-impersonation issues) is going to be > complex. > > I am unconvinced that what ECommerce needs right now is higher costs of > entry - which is what such certificates would mean. Ross wrote a paper I remember reading where talking about banking practice he stressed the issue of "who has the liability". For *most* consumer ecommerce transactions, digital signatures are a red herring. I want to know I'll either get the goods I've ordered, or not get charged - a standard customer not present cc transaction. Whilst it would be useful to clarify some areas of the law in particular the jurisdiction that a transaction occurs in, together with v.a.t/duty issues, a system already exists which is fine for most consumers, if only they weren't scaremongered (e.g. the egg card advert). The cost of entry at this level should and could be trivial. Business to business transactions are a different issue however, as are some other personal transactions (electronic wills? land transfers?). I do feel however that a lot of smoke is being generated by marketing types who emphasise the importance of "brands" which is essentially what we're discussing verifying. Who cares? If a company has the product you want for sale at a price you're happy with, and if the trader is fraudulent you have no liability to pay, what else is needed? Or am I missing something? regards, Ian -- Ian Johnson Tel : +44 117 965 6261 x3167 Faculty of CSM, UWE Bristol Email: irj@acm.org Frenchay Campus, Bristol. BS16 1QY. UK. From ben@algroup.co.uk Mon, 07 Feb 2000 18:59:50 +0000 Date: Mon, 07 Feb 2000 18:59:50 +0000 From: Ben Laurie ben@algroup.co.uk Subject: Food for Thawte Brian Gladman wrote: > But what do I do when the only relationship I have with a company is in > cyberspace? This is a real situation since I already buy computer hardware, > software and books from US companies with which I have no real world > relationship and I do take a risk in doing this. In the long term both I > and the company can develop trust in each other and this will allow us to > develop trust in the authentication keys that we have exchanged without > certificates. Initially, however, there are risks. > > Hence it would be nice to have a way of trusting them from the outset and > here I do see a possible value in certificates of a particular form. In > this specific situation, if a third party company that I do know and trust > provided a certificate which carried meaning: 'if you have any problems, > financial or otherwise, in undertaking an electronic transaction with this > company, we will fully compensate you' then I would derive some value from > it. > > However, this certificate has ***nothing*** to do with identity - it is an > authorisation certificate that gives the company I am dealing with the > authorisation to trade with me under the terms of an insurance policy > offerred by a third party. I'd argue that linking a key with a company's identity is valuable in itself: it provides you with a target for legal action. It is not necessary for the CA to also engage in insurance, any more than Companies House does! Cheers, Ben. -- SECURE HOSTING AT THE BUNKER! http://www.thebunker.net/hosting.htm http://www.apache-ssl.org/ben.html Y19100 no-prize winner! http://www.ntk.net/index.cgi?back=2000/now0121.txt From padgett@gdi.net Mon, 07 Feb 2000 18:37:18 -0500 Date: Mon, 07 Feb 2000 18:37:18 -0500 From: Padgett 0sirius padgett@gdi.net Subject: Food for Thawte >> >And this will not change until we can have a high degree of confidence in >> >the security properties of operating systems, which I believe is a long way >> >off. Of course then there is the question of whether any OS the has not been made available for public scrutiny will ever be secure. Of course there are ways to achieve a realsonable level of security in any system: 1) servers on a dedicated subnet, no users allowed 2) servers only aaccessable from console 3) one server per service (good place for "obsolete" machines that user's won't touch). Gennerally need only open one port 4) other services removed from server (easy with UNIX, hard but often possible with NT) 5) strict ACL on the subnet, allow only service to specific server. No ICMP, No UDP (can be done). 6) IP spoofing disallowed in ACL 7) router console accessable only In other words, an internal DMZ (and a firewall instead of a router would not hurt). This provide two layers of security for the server farm alone, a good start for "Defense in Depth" OBCrypto - am going around with Netscape about flushing the keys from a CMS 4.1 server when not in use (are retained in memory even when unattended). Problem is the people at Netscape do not seem to understand why caching the keys is not a good idea (machine must remain up to receive requests/dispense certs 24/7 but only generates keys when attended. Can use two servers, shadow on special DMZ and real one offline (current solution) or hardware smart cards. First is not bad at root level but need something simple/cheap at company/program level. Easy/cheap solution might be A/B switch for floppy/network. Keys on floppy & memory flushed before switching back (layer three). Problem is the flush process being n/a. Opinions ? A. Padgett Peterson, P.E., CISSP: Cybernetic Psychophysicist Anti-Virus, Cryptographics, & Antique Radio Researcher http://www.freivald.org/~padgett/index.html mailto:padgett@gdi.net PGP 6.5 Key on request