[a] >A 56-bit key of any algorithm, on any modern production machine
>is, as far as I can tell, absolutely unconscionable.
[b] >...................... It would seem to be a relatively simple
>matter for Apple to offer strong crypto domestically & weak
>crypto everywhere else; Netscape and Microsoft already do this
>with their browsers.
Well, folks, on any other day the more hypergraphic
cross-posters to/on/at these lists would be vigorously
damning the regulatory necessity of American versions
different from non-American versions as proof of the dark
side's impending triumph. It is so ironic to contemplate
damning a vendor for making you a citizen of the world.
As much as I am myself a devout believer in crypto privacy
verging on crypto anarchy, I suggest that "we" are
seriously in danger of making the best the enemy of the
good when we delude ourselves that first rate crypto can
trivially appear in any mass market consumer gizmo
commoditized to a faretheewell. Speaking with all the
wisdom I can distill from my own security career in the
real world of competing demands and distracted management
chains, keeping honest people honest is a palpably high
goal, perhaps the highest goal for which you can build a
mass market product. Me, I'll use/buy the bloody best I
can, but I will rest vastly easier when even middling
encryption is a pervasive reality, i.e., when everybody's
mother is using 56 bits my 128 bit super-encryption will
be just as secure but much less likely to garner unwanted
attention from people I can never out spend.
In the meantime, buy-side companies driven by "prudent
man" risk management are not now nor will they ever be as
paranoid as we here are, and per the iron whim of the
market it is their dollars that rule.
--dan
---------------------
Learn to be invisible
