Computer "health certificate" plan: Charney of DoJ/MS

[Peter Gutmann]

Before people get too far into conspiracy theories with this, I should point
out that health certificates have been part of corporate Windows environments
for years (I don't know how many exactly, I think it's been since at least
Server 2003).  The intent of health certs is that it allows the IT department
to manage PCs by allowing checks that they have the latest AV updates
installed, the corporate desktop background and Windows theme, the corporate
mail client in an up-to-date version, and so on.  In other words it's a
configuration management solution.  Think cfengine with certs.

In this case it looks like a MS spokesperson has decided that the existing
cfengine-with-certs approach used in corporate environments would work on an
ISP-wide or even nation-wide level.  It's no conspiracy theory, just a case of
either cluelessness about scaling issues or misreporting of a blue-sky, what-
if proposal.  I'd guess it's the latter.

Peter.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com