[Cryptography] What do we know? (Was 'We cannot trust' ...)
James A. Donald
jamesd at echeque.com
Sat Dec 28 16:00:35 EST 2013
>>> Large customers, government or otherwise, that know what they are
>>> doing realize that if a custom extension/addition is incorporated
>>> in a product *just for them*, then they will be paying forever for
>>> it to be maintained and included with every future upgrade of the
>>> product.
On Dec 28, 2013, at 3:51 AM, James A. Donald wrote:
>> Famously, government does not care. It is just taxpayer money.
On 2013-12-28 22:33, Jerry Leichter wrote:
> It really depends.
No it really does not depend. You would have to be crazy to pass up an
excuse to customize a product so that it is government only, thus
allowing you can justify a completely insane price enormously higher
than that you charge other customers. No one ever passes up such
opportunities.
If you have a customer who is spending other people's money for the
benefit of other people, you can charge him considerably more. If the
people he supposed serves are far away, you can charge him way, way, way
more, in approximate proportion to the organizational and geographic
distance between agent and principal.
> But there's also an immense amount of "ordinary" stuff the
> government buys under COTS regulations. There are huge numbers of
> perfectly ordinary PC's and laptops spread throughout government
> offices that were bought from the same distributors any large
> business might go to, at the same prices any large business might
> pay.
Which is exactly why you want an excuse for product differentiation, to
get around those nasty regulations that require you to charge government
the same price as you charge customers that care about price.
Thus, from the fact that RSA responded to payment by putting the
algorithm in the product for everyone, we may conclude that the
government paid them to put the algorithm in the product for other
people not the government.
More information about the cryptography
mailing list