Interesting People mailing list archives

Previous By Date Next
Previous By Thread Next

IP: IT View of Worldwide Electronic Commerce Conference

From: David Farber <farber () central cis upenn edu>
Date: Wed, 25 Oct 1995 06:46:02 -0400
Date: Wed, 25 Oct 95 03:20:19 CDT
From: guthery () austin sar slb com


Robert Hettinga wonders ...



Did anyone go to the

"Worldwide Electronic Commerce Law, Policy, Security and Controls Conference" ?

It was in Bethesda October 18 - 20.

Just curious. Sponsored by a lot of Big Cheese (ABA, HLS, NIST, UNCITL,
SPA, ETC, ETC, ETC).



I did and here's a view from IT; i.e. not law or marketing.  The conference
was two-track so by definition I only attended 1/2 the sessions.


The high points ...


        - the Web will support commerce next year from modest (multi-$1,000)
          down to micro (sub-penny) transactions


        - the U.S. Government is trying to trade 64-bit keys for
          escrow but folks aren't buying it;  Dorthy Denning gave
          a very weak "the sky is falling" talk.


        - Intel is building systems and secure infrastructure software;
          Microsoft may start to feel trapped between Intel and Netscape.


        - current copyright law seems up to the task of handling the Web but
          contract law may need some updating


        - iris scanning seems to be the leading biometric; there is a PCMCIA
          card that does fingerprints including pores which I learned are
          better than ridges for identification


        - nobody had any insight on transnational data flow, encrypted
          or otherwise


        - Verisign (a spin-off of RSA) is selling Digital IDs and running a
          Certification Authority; see


                    http://www.verisign.com


        - the Swedes have a very aggressive Digital ID system on the air;
          see
                    http://www.cost.se


        - X.509 seems to be the de facto and de jure certificate standard;
          current work is at ftp://NC-17.MA02.Bull.com in
          /pub/OSIdirectory/Certificates


        - RSA for encryption and DSA for signatures were the encryption
          technologies of preference;  PGP was occassionally acknowledged
          to be one of the best available but strangely went undiscussed.


          Good quote: "Commercial DES (for export) with 40 bit keys is a
                       joke. Don't even think about it."


        - other relevant URLs:
                 www.ms.com
                 www.terisa.com
                 www.ssa.gov


Most of the security focus of the conference was on authentication.
Previous By Date Next
Previous By Thread Next

Current thread: