[IP] China Mandates Closed Security Standard

Gregory Hicks ghicks at cadence.com
Tue Feb 3 19:20:29 EST 2004


Of interest to security folks...  From Dave Farber's IP list..

------------- Begin Forwarded Message -------------

Date: Tue, 03 Feb 2004 18:33:18 -0500
From: Dave Farber <dave at farber.net>

China Mandates Closed Security Standard

The Wi-Fi Alliance and IEEE were apparently taken by surprise when the
Chinese government's regulatory arm announced that only devices that
included WAPI (Wired Authentication and Privacy Infrastructure) would
be legal to sell in China after Dec. 1, 2003.

That was the first most companies and individuals had heard of WAPI,
which is a home-grown replacement for the broken WEP (Wired Equivalent
Privacy) standard that in the rest of the world is being replaced by
WPA (Wi-Fi Protected Access) and IEEE 802.11i (due to be finished in
2004).

The Chinese apparently didn't want to wait for WPA or 802.11i, and have
mandated WAPI on new equipment. Existing gear doesn't have to be
trashed, and companies with contracts to deliver equipment that
extended past Dec. 1 were allowed to continue to deliver it.

Only a handful of Chinese companies are licensed to include WAPI in
their equipment, which may force non-Chinese vendors to partner to
continue to sell into a growing market.

What's worse, WAPI is confidential. It hasn't been openly discussed or
tested, and given the nature of China's monitoring of other forms of
communication, it's likely that the standard includes a method for
interception of ostensibly encrypted traffic.

-------------------------------------
Archives at: http://www.interesting-people.org/archives/interesting-people/

------------- End Forwarded Message -------------


-------------------------------------------------------------------
Gregory Hicks                        | Principal Systems Engineer
Cadence Design Systems               | Direct:   408.576.3609
555 River Oaks Pkwy M/S 6B1          | Fax:      408.894.3400
San Jose, CA 95134                   | Internet: ghicks at cadence.com

"The trouble with doing anything right the first time is that nobody
appreciates how difficult it was."

When a team of dedicated individuals makes a commitment to act as
one...  the sky's the limit.

Just because "We've always done it that way" is not necessarily a good
reason to continue to do so...  Grace Hopper, Rear Admiral, United
States Navy

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list