Challenge to David Wagner on TCPA

Trei, Peter ptrei at rsasecurity.com
Thu Aug 1 16:14:06 EDT 2002


I'm going to respond to AARGH!, our new Sternlight, by asking two questions.

1. Why can't I control what signing keys the Fritz chip trusts? 

If the point of TCPA is make it so *I* can trust that *my* computer 
to run the software *I* have approved, and refuse to run something 
which a virus or Trojan has modifed (and this, btw, is the stated 
intention of TCPA), then why the hell don't I have full control over 
the keys? If I did, the thing might actually work to my benefit.

The beneficiary of TCPA when I don't have ultimate root control is
not I. It is someone else. That is not an acceptable situation.

2. It's really curious that Mr. AARGH! has shown up simultaneously
on the lists and on sci.crypt, with the single brief of supporting TCPA.

While I totally support his or her right to post anonymously, I can only
speculate that anonymity is being used to disguise some vested 
interest in supporting TCPA. In other words, I infer that Mr. AARGH!
is a TCPA insider, who is embarassed to reveal himself in public.

So my question is: What is your reason for shielding your identity?
You do so at the cost of people assuming the worst about your
motives.

Peter Trei

 PS: Speculating about the most tyrannical uses to which 
a technology can be put has generally proved a winning 
proposition. 


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com



More information about the cryptography mailing list