Great Circle Associates Firewalls
(April 1996)
 


Subject: re: CKE and some observations on VPNs/remote encryption
From: "A. Padgett Peterson P.E. Information Security" <PADGETT @ hobbes . orl . mmc . com>
Date: Sun, 21 Apr 1996 10:34:47 -0400 (EDT)
To: firewalls @ greatcircle . com

>>in a system they don't control.  Currently, the government collectively in
>>the form of the Interagency Working Group has opened an avenue in which CKE
>>can serve as a catalyst to accomplish what we all need: Security on the
>>Global Information Infrastructure...
>Oooh, why does that give me the cold shivers....

Disagree and think you are making assumptions: I have nothing against CKE
(and corporations have compelling reasons for) CKE *so long as I trust
the keyholder*.

As example:
1) I trust me 8*)
2) I trust Mastercard/Visa/AmEx in matters dealing with their cards
3) I even trust the gov *in matters dealing with the gov* (IRS, SS, Voters
   registration, etc - can see as necessary for electronic voting from home).
4) I trust my employer in matters dealing with my employment.

ANFSCD

Had a demo by the V-One people on Friday of their Smartgate/Smartwall
(whatever) products. More than the normal demo as my notebook was used
as the remote client. Installed in about five minutes and provides a
secure channel extension of a network.

Have also been in contact with TIS (PC-Extender) and Eagle (Nomad/Mobile)
who are pitching the same thing but thus far not even the software has
materialized much less a demo.

Unlike a Netscape commerce server, RSA is not generally used, rather a 
shared secret is developed and can be stored on a smartcard, floppy,
or on a computer depending on the degree of risk vs cost posture assumed
(smartcard is most secure but a U$100-U$150 reader is required).

The system is built on top of a TIS Gauntlet but has some valuable additions
such as secure remote access via WWW for administration. Unfortunately it
lacks a nice GUI but I tend to trust an ACL more anyway - besides think of 
it as job security for administrators.

For corporations it is nice because it provides full secure channels. For
governments it should be acceptable since the clients are limited to known
hosts which can control/proxy/record sessions. The V-One personnel stated 
that the clients are exportable to overseas offices of US corporations with 
minimal paperwork (a business week).

Am going to have to live with it for a while but suspect this is the shape 
of things to come.

						Warmly,
							Padgett
