Slashdot Mirror

← Back to Stories (view on slashdot.org)

Mozilla to get PKI source code

Posted by Hemos on from the more-code-out-sooner dept.

ChrisRijk wrote to us about the release of PKI information to Mozilla. The "Sun-Netscape Alliance" has that announced that it will give mozilla.org a bunch of PKI (Public Key Infrastructure) library source code and utilities. This was made possible due to looser regulation of encryption source code by the US Department of Commerce." A FAQ available at the Mozilla web site.

2 of 98 comments (clear)

  1. Re:So maybe I'm cynical... by Frank+Hecker · · Score: 5
    To clarify this: First, the code being released is being created by a separate group of developers from the main Mozilla developers at AOL/Netscape; it's from the security engineering team that creates the security/crypto infrastructure for the Sun/Netscape Alliance server products as well as for Netscape Communicator. Second, the security stuff is not tightly embedded in present Mozilla like it was in Mozilla Classic and Netscape Communicator 4.x; it's more like an add-on architecture through a defined set of general-purpose APIs in main Mozilla.

    So it's not like the security/crypto work is taking lots of developers away from other Mozilla work.

  2. Re:Really good crypto by Kaa · · Score: 5

    It isn't the governments of the world that I fear when I protect my data. It isn't worth much to them. This will help protect it from the people who want a piece of my bank account.

    Well, first of all it depends on the tendencies of your government and the size of your bank account -- some people worry more about one, and some people worry more about the other.

    Second, the security of your bank account is 99% dependent on security policies of your bank that you can do zilch about (other than taking your account to another bank, that is). Remember, these are the same people who think that a social security number and a mother's maiden name authenticates a person.

    Third, you usually have recourse against banks (if they lose your money, they have to make it up to you), but not against governments (if you spend a year in prison as a suspect in a criminal investigation and then let go because it wasn't you, the best you can hope for is an apology).

    Fourth, you have your priorities bass-ackwards. If your bank account gets raided, all you lose is money. If a government takes a dislike to you, your problems are likely to be rather more significant.

    And as to "It isn't worth much to them.", remember that governments are interested not in money, but in power. Don't think of how much money can somebody who knows your data can make. Think about how much power will he have over you.

    Kaa

    --

    Kaa
    Kaa's Law: In any sufficiently large group of people most are idiots.