[2675] in Kerberos


Re: New Govt. Key Exchange Protocol..

daemon@ATHENA.MIT.EDU (Chuck McManis)
Mon Apr 19 17:47:24 1993

Date: Mon, 19 Apr 93 14:27:44 PDT
From: Chuck.McManis@Eng.Sun.COM (Chuck McManis)
To: sommerfeld@apollo.hp.com, bf4grjc@bell-atl.com
Cc: kerberos@Athena.MIT.EDU

Note: Clearly these are my own opinions and my own conclusions based
on unclassified information available to the general public. I make no
claim, nor should you infer, that Sun Microsystems or any of its
subsidiaries believes as I do.

>BTW: I assume that this whole thing is basically focussing on 
>telecommunications. It's fairly irrelevant to users at computers, 
>in this day and age of anonymous terminals.

This is a fairly naive view. Assume for the moment that this thing
gets "accepted" for some form of the word (most likely required on
all Gov't bids from computer vendors.) How much do you think Sun is
going to spend on 'alternative' crypto systems and authentication
systems like kerberos if a "standard" exists? And given that, and
that it ends up coming "standard" with the system, how many programmers
are going to 'invent their own' system when they can use the system
one? No, this "whole thing" is an assault on the computer industry
at large by the Federal Government, who is apparently quite concerned
that its intelligence services are in imminent danger of being cut
off from a large source of information.

Several recent stories that relate:
	- The percentage of "personal" computers that have 486 class
	  processors is skyrocketing much faster than anyone predicted
	  (apparently a lot of '86 and '286 users are now upgrading)
	- The growth of the Internet outside of the U.S. has doubled
	  over the past year or so. The number of "people" on-line is
	  growing geometrically.
	- It is cheaper to send an email/fax than it is to use the
	  "regular" post office. Commercial and shareware packages
	  are making it trivially easy for anyone to encrypt them.
	- Double-blind email systems are being tried out where both
	  the sender and receiver of the data are anonymous.

You don't have to be an analyst at Langley to figure out what this
means. A new global communications network is arising (first came
mail/telegrams, then telephones, and now the Internet) and because
of its "gestation" there hasn't been any way to control it. 
It means that lay people will have access to crypto systems
that are so strong and so interconnected that international groups
will be able to communicate, in private. Not just the bad guys.
And that means that there aren't enough computers in the world to
let the more sophisticated governments "in" on the global chatter.

They are just trying to do their job. And it is especially difficult
given the nature of the system and its lack of centralized control.
(You will note that most governments control both their post offices
and their telco nets) Taken in that light you can understand there
are only so many things that can be done to influence the system.
The export restrictions were a start but they are under serious pressure.
RSA is licensed by almost every computer maker. If you were the
government of an allegedly free country who was threatened with
the loss of your major intelligence assets what would you do?

--Chuck McManis
