[687] in WWW Security List Archive
Hidden Agenda
daemon@ATHENA.MIT.EDU (Mark H Linehan/Watson/IBM Research)
Wed May 10 17:20:37 1995
To: www-security <www-security@ns2.rutgers.edu>
From: Mark H Linehan/Watson/IBM Research <linehan@watson.ibm.com>
Date: 10 May 95 13:03:30
Errors-To: owner-www-security@ns2.rutgers.edu
A colleague of mine asks that I post the following additional point regarding
one of the key design issues for iKP, just to make it clear that there is
nothing hidden: "most US people do not realize that for a payment system to
make it it must be exportable. SSL and SHTTP are not unless you castrate
them. This is why iKP was designed the way it was. It leaves privacy of the
order up to SSL/SHTTP to stay clear of export issues, but it secures privacy of
the PIN and payment info with strong crypto wrapped in a snap-in component that
can be used only for payment and is thus exportable (BTW we already have the OK
from NSA and DoC in principle)."
---------------------------------------------------------------------------------
Mark H. Linehan
IBM T. J. Watson Research Center, Hawthorne, New York
linehan@watson.ibm.com; LINEHAN at WATSON
http://w3.watson.ibm.com/~linehan/home.html (inside IBM only)
(914) 784-7860; 8-863-7860; fax (914) 784-7484
