From <@vm42.cso.uiuc.edu:owner-cudigest@VMD.CSO.UIUC.EDU> Wed Jun 29 01:57:33 1994

From <@vm42.cso.uiuc.edu:[email protected]> Wed Jun 29 01:57:33 1994
Date: Wed, 29 Jun 1994 00:08:00 CDT
Reply-To: [email protected]
Sender: CU-DIGEST list <CUDIGEST%[email protected]>
Subject: Cu Digest, #6.58
To: Multiple recipients of list CUDIGEST <CUDIGEST%[email protected]>

Computer underground Digest Tue June 28, 1994 Volume 6 : Issue 58
ISSN 1004-042X

Editors: Jim Thomas and Gordon Meyer ([email protected])
Archivist: Brendan Kehoe
Retiring Shadow Archivist: Stanton McCandlish
Shadow-Archivists: Dan Carosone / Paul Southworth
Ralph Sims / Jyrki Kuoppala
Ian Dickinson
Coptic Idolator: Ephram Shrewdlieu

CONTENTS, #6.58 (Tue, June 28, 1994)

File 1--Re: E-Mail Female for a Day (CuD 6.57)
File 2--Re: "Ghost in the Modem" (CuD 6.51)
File 3--Cryptography export legislation in need of help!
File 4--Terisa_Systems.html

Cu-Digest is a weekly electronic journal/newsletter. Subscriptions are
available at no cost electronically.

CuD is available as a Usenet newsgroup: comp.society.cu-digest

Or, to subscribe, send a one-line message: SUB CUDIGEST your name
Send it to [email protected] or [email protected]
The editors may be contacted by voice (815-753-0303), fax (815-753-6302)
or U.S. mail at: Jim Thomas, Department of Sociology, NIU, DeKalb, IL
60115, USA.

Issues of CuD can also be found in the Usenet comp.society.cu-digest
news group; on CompuServe in DL0 and DL4 of the IBMBBS SIG, DL1 of
LAWSIG, and DL1 of TELECOM; on GEnie in the PF*NPC RT
libraries and in the VIRUS/SECURITY library; from America Online in
the PC Telecom forum under "computing newsletters;"
On Delphi in the General Discussion database of the Internet SIG;
on RIPCO BBS (312) 528-5020 (and via Ripco on internet);
and on Rune Stone BBS (IIRGWHQ) (203) 832-8441.
CuD is also available via Fidonet File Request from
1:11/70; unlisted nodes and points welcome.

EUROPE: from the ComNet in LUXEMBOURG BBS (++352) 466893;
In ITALY: Bits against the Empire BBS: +39-461-980493

UNITED STATES: etext.archive.umich.edu (141.211.164.18) in /pub/CuD/
ftp.eff.org (192.88.144.4) in /pub/Publications/CuD
aql.gatech.edu (128.61.10.53) in /pub/eff/cud/
world.std.com in /src/wuarchive/doc/EFF/Publications/CuD/
uceng.uc.edu in /pub/wuarchive/doc/EFF/Publications/CuD/
wuarchive.wustl.edu in /doc/EFF/Publications/CuD/
EUROPE: nic.funet.fi in pub/doc/cud/ (Finland)
ftp.warwick.ac.uk in pub/cud/ (United Kingdom)

JAPAN: ftp.glocom.ac.jp /mirror/ftp.eff.org/

COMPUTER UNDERGROUND DIGEST is an open forum dedicated to sharing
information among computerists and to the presentation and debate of
diverse views. CuD material may be reprinted for non-profit as long
as the source is cited. Authors hold a presumptive copyright, and
they should be contacted for reprint permission. It is assumed that
non-personal mail to the moderators may be reprinted unless otherwise
specified. Readers are encouraged to submit reasoned articles
relating to computer culture and communication. Articles are
preferred to short responses. Please avoid quoting previous posts
unless absolutely necessary.

DISCLAIMER: The views represented herein do not necessarily represent
the views of the moderators. Digest contributors assume all
responsibility for ensuring that articles submitted do not
violate copyright protections.

----------------------------------------------------------------------

Date: Mon, 27 Jun 1994 10:06:54 -0500
From: Anonymous <[email protected]>
Subject: File 1--Re: E-Mail Female for a Day (CuD 6.57)

> It begins to dawn on me that Jeff is simply not going to leave me alone.
> "Stop being a weenie, Jeff," I growl at the terminal. More than just
> annoy, he's really beginning to piss me off. He is _only_ acting this
> way because he thinks I'm female. If there was a "male" designation on
> the screen beside my name, Jeff would not bothered me after the second
> ignore, if he would have noticed me at all.

Guys who impersonate females on the net are called 'she-males'. There
are *lots* of them around...

What many of these macho hetboys out there don't realise is that there's
a large gay and bi subculture that gets off on hanging out on the net,
irc, and bbs's, using female handles in order to hit on het guys like
this.

There's a great deal of satisfaction to be had from having hot netsex
with one of these bozos, then while he's relaxing and wiping the cum
off his keyboard you tell him 'Yo, that was fun. Say, next time,
call me Danny...'

That's one reason guys pretend to be females; another group talks to
women to get them to talk dirty, thinking they're talking to other
women, especially on the lesbian and bisexual female channels on IRC.
(The lesbian channels are hilarious, where the women ask you questions
that the men 'couldn't possibly' know the answers to, like the small
print on a packet of tampons. Also you have to string off a list
of very right-on lesbian-friendly music that you're supposed to like...
They seem to think this will keep the she-males out. Bwahahaha!)

I remember one time on #bifem last year when there were 5 people on
the channel and *every one* of us was either male or m->f transsexual...
not a real woman among us! (I'm not sure the other 4 guys realised
this...)

Watch out guys, the next woman you molest might be a 6'2'' programmer
from Silverado California!

------------------------------

Date: 15 Jun 94 13:03:24 CDT
From: [email protected]
Subject: File 2--Re: "Ghost in the Modem" (CuD 6.51)

In Cu Digest #6.51, Bryce Wilcox wrote:

-=> In CuD 6.50 I read an article entitled "Ghost in the Modem (Loka Alert
-=> 1:6 Wash. Post)". In this article, authors Richard Sclove and
-=> Jeffrey Scheuer deliver several warnings about the possible effects of
-=> the developement of the Information Superhighway and conclude by
-=> suggesting three restrictions that, they assert, should be placed on
-=> information service developement.
-=>
-=> While I find myself in more or less complete disagreement with the
-=> authors, I am not going to argue about the thesis of their article
-=> today. Instead, I would like to draw attention to a statement made
-=> earlier in the article which I believe indicates an underlying false
-=> assumption.
-=>
-=> The statement is: "And the risk of inequity in contriving and
-=> distributing electronic services [...] is clear."
-=>
-=> This statement seems to assume that access to information technology
-=> should be equally distributed among individuals. The reason that I
-=> find this assumption disturbing enough to write about is because I
-=> often see variations on such a theme echoed in Computer underground
-=> Digest, but I rarely if ever see a contradictory opinion stated.
-=>
-=> I would like to take this opportunity to state that I
-=> believe egalitarianism, in regard to information technology
-=> as elsewhere, is an irrational, immoral, and dangerous
-=> ideal.
-=>
-=> As a denizen of cyberspace and a long-time reader of CuD, I would
-=> like others to know that I will not assist anyone in his or her
-=> attempt to enact policies which, I believe, would be vastly
-=> destructive to the cyber-society, and the real society which I
-=> inhabit.
-=> I am sure that many of my fellow Net citizens have similar ideals
-=> and ideologies, but I would not know it from reading CuD!
-=>
-=> commentary and criticism is welcome

You don't leave much to comment on, but I'm curious what your
reasoning is for your position. I agree with you on the second to
last paragraph, that policies and programs that are, or could be,
destructive should be opposed, but I don't understand the connection
between the ideal that every citizen that cares to connect up and
start surfing the net should be allowed to and a policy that's
destructive to either the "cyberspace" that we keep hearing about or
the real society in which we live.

Maybe I'm misunderstanding your position, but you seem to favour a
"status quo" position that only the technologically knowledgable
should be allowed to use the networks. A sort of nerd-priesthood, if
you will, paying homage to the net.gods. If this is, in fact, your
position, how would one go about joining this priesthood? What sort
of controls will have to be implemented to keep out the
non-initiated?

------------------------------

Date: Tue, 28 Jun 1994 12:40:10 -0400 (EDT)
From: "Shabbir J. Safdar" <[email protected]>
Subject: File 3--Cryptography export legislation in need of help!

[URGENT ACTION REQUIRED BEFORE 10:30AM JUNE 30TH, 1994]
[PLEASE CHECK THE "WHAT YOU CAN DO RIGHT NOW" SECTION!]
*********************************************************************

DISTRIBUTE WIDELY

*********************************************************************

Table of contents:
Introduction & Alert
Status of the bill
What you can do right now
List of legislators supporting HR 3937 (formerly HR 3627)
List of legislators wavering on HR 3937 (formerly HR 3627)
List of legislators opposing HR 3937 (formerly HR 3627)
What is the Cantwell bill?

---------------------------------------------------------------
INTRODUCTION & ALERT

Voters Telecomm Watch keeps scorecards on legislators' positions on
legislation that affects telecommunications and civil liberties.
If you have updates to a legislator's positions, from either:

-public testimony,
-reply letters from the legislator,
-stated positions from their office,

please send them to [email protected] so they can be added to this list.

General questions: [email protected]
Mailing List Requests: [email protected]
Press Contact: [email protected]
Gopher URL: gopher://gopher.panix.com:70/1/1/vtw
WWW URL:Be patient; we're working on it. :-)
---------------------------------------------------------------
STATUS OF THE BILL (updated 6/28/94)

The Cantwell bill, that allows for fewer restrictions exports of
cryptography, has an interesting history. It was rolled into the
General Export Administration Act HR 3937. The House Foreign Affairs
Committee passed the full strength version out of committee after
open, public hearings. The House Intelligence Committee took the
bill and gutted it after a day of closed, secret hearings. The
gutted version is making its way to the House floor.

There is a crucial stop-off point, however. The House Rules Committee
will hold a hearing on Thursday June 30th, 10:30am in D.C. (Room H-13)
to determine if the bill can be amended on the House floor (an "open"
bill) or not (a "closed" bill).

If they mark the bill as "open", then the Cantwell bill could be restored
to its previous version, removing the language put in by the House Select
Intelligence Committee which gutted it without a public hearing.

It is crucial that you call of the members of the House Rules Committee
before 10:30am Thursday June 30th and urge them to mark the bill as
"open".

This may be the last thing you can do for the cryptographic export
legislation. Take the time to make a call!

Chronology of the bill
Jun 30, 94 House Rules Comm. decides whether to allow amendments
on the bill when it reaches the House floor
Jun 14, 94 Gutted by the House Select Committee on Intelligence
May 20, 94 Referred to the House Select Committee on Intelligence
May 18, 94 Passed out of the House Foreign Affairs Committee on May 18
attached to HR 3937, the General Export Administration Act
Dec 6, 93 Referred to the Subcommittee on Economic Policy, Trade and
Nov 22, 93 Referred to the House Committee on Foreign Affairs.

---------------------------------------------------------------
WHAT YOU CAN DO RIGHT NOW

Estimated time to do this good deed: Two minutes

Show your support for HR 3937 (formerly HR 3627) by contacting a member
of the House Rules Committee and ask them to mark the bill as "open"
(allowing amendments) when it reaches the House floor.

The phone numbers of the members of the House Rules Committee are listed
below. Please pick one from your state and call them. If your state
isn't listed please call the Chairman, Rep. Joe Moakley.

Feel free to use the following sample communique:

The Honorable ____________
address
Washington DC, 20515

Dear Congressman or Congresswoman,

Please mark the General Export Administration Act (HR 3937) as
"open" (allowing amendments on the House floor).

Recently the House Intelligence Committee removed several provisions
of the General Export Administration Act, HR 3937, dealing with
the export of cryptographic technology.

The House Intelligence Committee did this in a closed, secret hearing
which provided for no public input. The House Foreign Affairs
Committee previously held an open hearing on the same issue and
received a flood of people testifying in favor of the bill, which the
committee then reported out in full.

I urge you to allow the democratic process to take its course
on the House floor and mark the bill as "open".

Sincerely,

_________________________________

Phone/Fax/Addresses of members of the House Rules Committee

103rd United States Congress, 1993-1994

All addresses are Washington, D.C. 20515

Dist ST Name, Address, and Party Phone Fax
==== == ======================== ============== ==============
9 MA Moakley, John Joseph (D) 1-202-225-8273 1-202-225-7304
235 Cannon
3 SC Derrick, Butler (D) 1-202-225-5301 1-202-225-5383
221 Cannon
24 CA Beilenson, Anthony (D) 1-202-225-5911 1-818-999-2258
2465 RHOB (might not answer)

24 TX Frost, Martin (D) 1-202-225-3605 1-202-225-4951
2459 RHOB
10 MI Bonior, David E. (D) 1-202-225-2106 1-202-226-1169
2207 RHOB
3 OH Hall, Tony P. (D) 1-202-225-6465 1-202-225-6766
2264 RHOB
5 MO Wheat, Alan (D) 1-202-225-4535 1-202-225-5990
2334 RHOB
6 TN Gordon, Bart (R) 1-202-225-4231 1-202-225-6887
103 Cannon
28 NY Slaughter, Louise M. (D) 1-202-225-3615 1-202-225-7822
2421 RHOB
22 NY Solomon, Gerald B. (R) 1-202-225-5614 1-202-225-1168
2265 RHOB
1 TN Quillen, James H. (R) 1-202-225-6356 1-202-225-7812
102 Cannon
28 CA Dreier, David (R) 1-202-225-2305 1-202-225-4745
411 Cannon
14 FL Goss, Porter J. (R) 1-202-225-2536 1-202-225-6820
330 Cannon

--------------------------------------------------------

LIST OF LEGISLATORS SUPPORTING CRYPTOGRAPHY EXPORT LEGISLATION

The following legislators have formally registered support for
cryptography export legislation. Call them with your cheers.

All addresses are Washington, D.C. 20515

Dist ST Name, Address, and Party Phone Fax
==== == ======================== ============== ==============
1 WA Cantwell, Maria (D) 1-202-225-6311 1-202-225-2286
1520 LHOB
HR 3627's sponsor; thank her for her work!

16 IL Manzullo, Donald (R) 1-202-225-5676 1-202-225-5284
506 Cannon
Cosponsored HR 3627 on 11/22/93

3 UT Orton, William H. (D) 1-202-225-7751 1-202-226-1223
1122 LHOB
Cosponsored HR 3627 on 03/22/94

3 OR Wyden, Ronald (D) 1-202-225-4811 1-202-225-8941
1111 LHOB
Cosponsored HR 3627 on 03/22/94

16 CA Edwards, Donald (D) 1-202-225-3072 1-202-225-9460
2307 RHOB
Cosponsored HR 3627 on 03/22/94

19 OH Fingerhut, Eric D. (D) 1-202-225-5731 1-202-225-9114
431 Cannon
Cosponsored HR 3627 on 03/22/94

4 MA Frank, Barney (D) 1-202-225-5931 1-202-225-0182
2404 RHOB
Cosponsored HR 3627 on 03/22/94

2 UT Shepherd, Karen (D) 1-202-225-3011 1-202-226-0354
414 Cannon
Cosponsored HR 3627 on 03/22/94

3 WA Unsoeld, Jolene (D) 1-202-225-3536 1-202-225-9095
1527 LHOB
Cosponsored HR 3627 on 03/22/94

19 FL Johnston II, Harry (D) 1-202-225-3001 1-202-225-8791
204 Cannon
Cosponsored HR 3627 on 03/22/94

9 WA Kreidler, Mike (D) 1-202-225-8901 1-202-226-2361
1535 LHOB
Cosponsored HR 3627 on 03/22/94

4 WA Inslee, Jay (D) 1-202-225-5816 1-202-226-1137
1431 LHOB
Cosponsored HR 3627 on 03/22/94

7 WA McDermott, James A. (D) 1-202-225-3106 1-202-225-9212
1707 LHOB
Cosponsored HR 3627 on 03/22/94

8 IN McCloskey, Frank (D) 1-202-225-4636 1-202-225-4688
306 Cannon
Cosponsored HR 3627 on 03/22/94

14 CA Eshoo, Anna G. (D) 1-202-225-8104 1-202-225-8890
1505 LHOB
Cosponsored HR 3627 on 03/22/94

10 NC Ballenger, Thomas C. (R) 1-202-225-2576 1-202-225-0316
2238 RHOB
Cosponsored HR 3627 on 05/04/94

2 WA Swift, Al (D) 1-202-225-2605 1-202-225-2608
1502 LHOB
Cosponsored HR 3627 on 05/04/94

---------------------------------------------------------------
LIST OF LEGISLATORS WAVERING ON CRYPTOGRAPHY EXPORT LEGISLATION
[Feel free to use the sample communique at the end of the FAQ when calling
or writing a legislator.]

26 NY Hinchey, Maurice D. (D) 1-202-225-6335 1-202-226-0774
1313 LHOB
Recently told a constituent that he is taking the Cantwell bill
under consideration, but has "national security concerns" about
allowing encryption to be exported outside the United States.

1 IA Leach, James (R) 1-202-225-6576 1-202-226-1278
2186 RHOB
Has yet to answer a constituent letter with a stated position.

13 NY Molinari, Susan (D) 1-202-225-3371 1-202-226-1272
123 Cannon
Has yet to answer a constituent letter with a stated position.
(has taken inordinately long)

8 NY Nadler, Jerrold (D) 1-202-225-5635 1-202-225-6923
424 Cannon
Met with lobbying constituent in April '94; no position taken yet

25 CA McKeon, Howard P. (R) 1-202-225-1956 1-202-226-0683
307 Cannon
Responded to a constituent with a "non-position", May '94
Had a favorable meeting with a constituent and a VTW volunteer
in May '94.

-------------------------------------------------------------------------------
LIST OF LEGISLATORS OPPOSING CRYPTOGRAPHY EXPORT LEGISLATION
[Feel free to use the sample communique at the end of the FAQ when calling
or writing a legislator.]

Dist ST Name, Address, and Party Phone Fax
==== == ======================== ============== ==============
5 AL Cramer Jr, Robert E. (D) 1-202-225-4801 1-202-225-4392
1318 LHOB

FAILED Cryptography exports:
Voted to kill Rep. Cantwell's export provisions in the
House Intelligence Committee on 6/15/94.

8 CA Pelosi, Nancy (D) 1-202-225-4965 1-202-225-8259
240 Cannon

FAILED Cryptography exports:
Voted to kill Rep. Cantwell's export provisions in the
House Intelligence Committee on 6/15/94.

32 CA Dixon, Julian C. (D) 1-202-225-7084 1-202-225-4091
2400 RHOB

FAILED Cryptography exports:
Voted to kill Rep. Cantwell's export provisions in the
House Intelligence Committee on 6/15/94.

40 CA Lewis, Jerry (R) 1-202-225-5861 1-202-225-6498
2312 RHOB

FAILED Cryptography exports:
Voted to kill Rep. Cantwell's export provisions in the
House Intelligence Committee on 6/15/94.

46 CA Dornan, Robert K. (R) 1-202-225-2965 1-202-225-3694
2402 RHOB

FAILED Cryptography exports:
Voted to kill Rep. Cantwell's export provisions in the
House Intelligence Committee on 6/15/94.

2 CO Skaggs, David E. (D) 1-202-225-2161 1-202-225-9127
1124 LHOB

FAILED Cryptography exports:
Voted to kill Rep. Cantwell's export provisions in the
House Intelligence Committee on 6/15/94.

10 FL Young, C. W. (R) 1-202-225-5961 1-202-225-9764
2407 RHOB

FAILED Cryptography exports:
Voted to kill Rep. Cantwell's export provisions in the
House Intelligence Committee on 6/15/94.

4 KS Glickman, Daniel (D) 1-202-225-6216 1-202-225-5398
2371 RHOB

FAILED Cryptography exports:
Voted to kill Rep. Cantwell's export provisions in the
House Intelligence Committee on 6/15/94.

1 NE Bereuter, Douglas (R) 1-202-225-4806 1-202-226-1148
2348 RHOB

FAILED Cryptography exports:
Voted to kill Rep. Cantwell's export provisions in the
House Intelligence Committee on 6/15/94.

9 NJ Torricelli, Robert (D) 1-202-224-5061 1-202-225-0843
2159 RHOB

FAILED Cryptography exports:
Voted to kill Rep. Cantwell's export provisions in the
House Intelligence Committee on 6/15/94.

3 NM Richardson, William (D) 1-202-225-6190 1-202-225-1950
2349 RHOB

FAILED Cryptography exports:
Voted to kill Rep. Cantwell's export provisions in the
House Intelligence Committee on 6/15/94.

1 NV Bilbray, James H. (D) 1-202-225-5965 1-202-225-8808
2431 RHOB

FAILED Cryptography exports:
Voted to kill Rep. Cantwell's export provisions in the
House Intelligence Committee on 6/15/94.

17 PA Gekas, George W. (R) 1-202-225-4315 1-202-225-8440
2410 RHOB

FAILED Cryptography exports:
Voted to kill Rep. Cantwell's export provisions in the
House Intelligence Committee on 6/15/94.

2 RI Reed, John F. (D) 1-202-225-2735 1-202-225-9580
1510 LHOB

FAILED Cryptography exports:
Voted to kill Rep. Cantwell's export provisions in the
House Intelligence Committee on 6/15/94.

14 TX Laughlin, Gregory H. (D) 1-202-225-2831 1-202-225-1108
236 Cannon

FAILED Cryptography exports:
Voted to kill Rep. Cantwell's export provisions in the
House Intelligence Committee on 6/15/94.

16 TX Coleman, Ronald D. (D) 1-202-225-4831 None
440 Cannon

FAILED Cryptography exports:
Voted to kill Rep. Cantwell's export provisions in the
House Intelligence Committee on 6/15/94.

19 TX Combest, Larry (R) 1-202-225-4005 1-202-225-9615
1511 LHOB

FAILED Cryptography exports:
Voted to kill Rep. Cantwell's export provisions in the
House Intelligence Committee on 6/15/94.

1 UT Hansen, James V. (R) 1-202-225-0453 1-202-225-5857
2466 RHOB

FAILED Cryptography exports:
Voted to kill Rep. Cantwell's export provisions in the
House Intelligence Committee on 6/15/94.

6 WA Dicks, Norman D. (D) 1-202-225-5916 1-202-226-1176
2467 RHOB

FAILED Cryptography exports:
Voted to kill Rep. Cantwell's export provisions in the
House Intelligence Committee on 6/15/94.

--------------------------------------------------------------
What is the Cantwell bill?

The Cantwell bill would permit companies to export products with
encryption technology in them. US companies are currently
not permitted to export products (hardware or software) with this
technology in them.

What is encryption technology?

Encryption technology, or cryptography, is the art of scrambling
a conversation so that only the people communicating can decode
it. Other people (such as eavesdroppers) cannot learn about
the conversation.

Where is cryptography being used?

Cryptography is used to encrypt electronic mail to protect its confidentiality
in transit. It's used by bank automatic teller machines to protect
sensitive data (such as your account number, your Personal Identification
Number, and your bank balance). It can be implemented into software
(such as electronic mail programs and word processors) as well as hardware
(such as telephones and "walkie-talkies") to ensure your privacy.

Why is there a restriction on exporting products with technology
in them?

For many years the United States was a leading researcher in
cryptography. High quality cryptographic technology was available only
within the United States. The US government thought that if they did
not let this technology be exported, foreign individuals would not be able
to obtain it and use it against us (by keeping US intelligence agencies
from eavesdropping on their communications)

Since then, cryptography research has been published in international
journals. Companies have been created throughout the world who
export cryptographic technology from countries that do not have
these restrictions. You can now buy the same, high-quality cryptographic
technology from many international firms. Although the marketplace
has changed, the regulations have not.

Why should the regulations be changed?

US companies compete in a global marketplace. Because of the export
regulations, they often compete alongside products with superior
cryptographic capabilities built into them.

The result is that US companies build their products with
an inferior encryption technology. The result of this is that
you, as an American consumer, have great difficulty obtaining
products with strong encryption in them.

Because US products cannot compete against products with better
privacy features, and because the laws are outdated, the regulations
should be changed. The Cantwell bill fixes these regulations to more
accurately resemble the current situation of the world marketplace.

How can I help encourage more privacy-enhanced products and
pass the Cantwell bill?

Call or write your representative and ask them to support or cosponsor
Rep. Cantwell's export provisions (formerly HR 3627) in the General
Export Administration Act, HR 3937. You can base your letter on the
sample communication below.

SAMPLE LETTER OR PHONE CALL

The Honorable ____________
address
Washington DC, 20515

Dear Congressman or Congresswoman,

As a citizen concerned for my privacy, as well as a supporter of
American business, I urge you to cosponsor the Rep. Cantwell's
cryptographic export provisions (formerly HR 3627) in the General
Export Administration Act, HR 3937.

The bill would allow US companies to produce and export products with
cryptographic privacy-enhancing technology in them. These products
are already available from firms throughout the world. US companies
lose nearly $100 million per year in exports to them.

By encouraging this industry, ordinary citizens like you and me would
be able to purchase products with better privacy features.

Please support or co-sponsor HR 3937.

Sincerely,

___________________________________

------------------------------

Date: Fri, 24 Jun 94 23:26:47 MDT
From: [email protected](Alan Dunkin)
Subject: File 4--Terisa_Systems.html

RSA AND EIT JOINT VENTURE WILL MAKE INTERNET TRANSACTIONS SECURE

PRESS CONTACTS:

Kurt Stammberger Nancy Teater
RSA Data Security Inc. Hamilton Communications
Phone: (415) 595-8782 Phone: (415) 321-0252
Internet: [email protected] Internet: [email protected]

FOR IMMEDIATE RELEASE

PALO ALTO, Calif., June 13, 1994 -- RSA Data Security Inc. (RSA) and
Enterprise Integration Technologies Corp. (EIT) today announced the
formation of Terisa Systems, a joint venture that will market, license
and support technologies that make secure Internet transactions
possible. The new company will provide toolkits and support to
developers of Internet applications for the World Wide Web (WWW) and
NCSA Mosaic.

RSA is the world leader in commercial cryptography and principal
source of public key cryptosystems; EIT is a leading developer of
software supporting commercial use of the Internet. Terisa Systems
will combine the strengths of both companies to provide developers of
Internet applications with a complete, consistent, and well-supported
solution to their security needs.

Initial toolkits from Terisa Systems will support the development of
secure WWW clients and servers. The World Wide Web is a popular
Internet application architecture that enables easy access to
multimedia information distributed across the thousands of computers
that comprise the Internet. However, use of the WWW in commerce
requires features such as authentication, authorization, encryption
and payment that are currently not well supported.

Terisa Systems will provide an integrated solution to all of these
needs based on RSA's public key cryptography and EIT's Secure-HTTP
(HyperText Transfer Protocol), an enhanced version of the World Wide
Web's internal communications language. Secure-HTTP ensures the
authenticity of transactions and the confidentiality of information
exchanged via HTTP. With a Secure-HTTP enabled application, a user can
affix digital signatures that cannot be repudiated, permitting digital
contracts that are legally binding and auditable. In addition,
sensitive information such as credit card numbers and bid amounts can
be encrypted and securely exchanged.

Secure-HTTP can incorporate a variety of cryptographic standards and
support interoperation between programs using different cryptographic
algorithms. This is particularly useful for interaction between
domestic and foreign users, where foreign users may not have access to
the same algorithms as domestic users.

Allan M. Schiffman, chief technical officer of EIT, said, "We've had
tremendous interest on the part of developers in Secure-HTTP, but
haven't been able to address their needs for a fully integrated
package. Terisa Systems will provide 'one-stop shopping' for
developers and give them the technology and support they need to get
their applications to the market quickly."

According to John Young, chairman of Smart Valley Inc., "The Internet
has been evolving quickly as a medium where businesses can interact,
but it is weak in key areas, such as security, which is critically
important to business. Terisa Systems is taking a significant step
forward in enabling electronic commerce by providing a standard
security implementation for software developers in this market."

RSA Technology

Terisa Systems' Secure-HTTP toolkits will use RSA public key
cryptography technology to permit spontaneous, secure communications
between unfamiliar correspondents over non-secure, open, public
networks. RSA's technology provides privacy through encryption and
authentication through digital signatures. Terisa Systems will be the
one source from which WWW application developers can obtain RSA
security technology, complete with Secure-HTTP integration and
support.

Public key cryptography is a security technique that uses a matched
pair of encryption keys. Data encrypted with an RSA public key can
only be decrypted with the corresponding RSA secret key, and
vice-versa. In contrast, traditional shared-key cryptography requires
correspondents to agree on a secret encryption key before they can
communicate. Public key cryptography avoids the need for prior
agreement on keys, thus assuring security between unfamiliar
correspondents.

James Bidzos, president of RSA, said, "Rapidly growing interest in
business use of the Internet is producing a lot of interest in our
security technologies. Developers, however, have been looking for a
consistent, interoperable, and quick way to incorporate these
technologies. Terisa Systems will meet these needs by delivering RSA
cryptography wrapped in a high-value Web security system."

NCSA Mosaic

NCSA Mosaic, one of the most popular World Wide Web browsers, was
developed by the National Center for Supercomputing Applications
(NCSA) at the University of Illinois. Mosaic is a multi-platform
program with a point-and-click user interface for accessing the
Internet and is primarily known for its ability to view multimedia
World Wide Web information. NCSA also distributes NCSA HTTPD, a WWW
server software package that makes information available to Mosaic and
other WWW browsers. The first toolkits from Terisa Systems will
include support for implementation of Secure-HTTP in NCSA Mosaic and
NCSA HTTPD.

In April, EIT, RSA, and NCSA announced an agreement to jointly develop
and distribute secure versions of NCSA Mosaic and NCSA HTTPD based on
RSA's public key cryptography and EIT's Secure-HTTP software. The
enhancements are to be made available to NCSA for widespread public
distribution for non-commercial use; Terisa Systems will now assume
the responsibility of providing these versions. Terisa Systems'
commercial line of toolkits and support systems will further enhance
the secure Mosaic and HTTPD implementations with additional
performance, functions and support options.

According to Joseph Hardin, director of the group that developed NCSA
Mosaic, "Mosaic's growth in the marketplace has been explosive, and
has positioned it as the application of choice for users of the World
Wide Web. With Secure-HTTP, Mosaic can become a framework for
companies to engage easily in routine commerce on the Internet. By
providing a standard source for toolkits and support, Terisa Systems
will address the need of developers to implement Secure-HTTP
applications quickly so they can compete in the World Wide Web
marketplace."

Products and Services

Terisa Systems will deliver a full line of toolkits and services.

SecureWeb Viewer Developer's Toolkit
Intended for developers of World Wide Web clients, this toolkit
is used to create viewers and other applications that can
communicate with Secure-HTTP enhanced WWW servers. In addition,
the toolkit will include a facility for managing multiple
certificates and keys, enabling, for example, the automatic
selection of an appropriate key through negotiation with the
server. User interface components will provide
easy-to-understand control over secure communications, using
icons to make clear the status of confidential or digitally
signed documents and other information.

SecureWeb Server Developer's Toolkit
Intended for developers of World Wide Web servers, this toolkit
facilitates the creation of WWW servers that communicate with
Secure-HTTP enhanced viewers. The toolkit addresses the more
demanding server aspects of key and certificate administration.
It includes tools for storing and managing multiple keys and
certificates, associating appropriate keys with requests for
particular documents, and managing the revocation of
certificates and keys. It also will provide a stronger and more
manageable document access control system.

Certificates
Certificates are central to the use of public keys, for they
guarantee public key authenticity. While Secure-HTTP works with
hierarchical public key certificates issued by major
institutions, in the future, Terisa Systems plans to provide
toolkits that allow organizations to issue their own
certificates. These certificates, called "lightweight" because
they may not be supported by rigorous user validation, enable
businesses to manage the certification process and issue their
own certificates.

Availability
Initial implementations of Secure-HTTP and Secure-HTTPD will be
provided to NCSA in September, 1994 for subsequent
non-commercial distribution. Fully-supported Terisa Systems
commercial security products will be available in the fourth
quarter of 1994.

In addition to toolkits, Terisa Systems will provide full support
services, including technical support, tutorials, training, an on-line
information service and custom consulting.

RSA Data Security Inc., Redwood City, Calif., invented the leading
public key cryptography system and performs basic research and
development in cryptography. RSA markets software that facilitates the
integration of their technology into applications.

Enterprise Integration Technologies Corp. (EIT), of Palo Alto, Calif.,
is an R&D and consulting organization, developing software and
services that help companies do business on the Internet. EIT is also
the project manager for CommerceNet, the first large-scale market
trial of electronic commerce on the Internet.

Additional information on Terisa Systems can be obtained by sending
e-mail to [email protected]. Telephone (415) 617-1836. Additional
information on Secure-HTTP is available by sending e-mail to
[email protected]; additional RSA Data Security information is
available by sending e-mail to [email protected].

_________________________________________________________________

Copyright (C) 1994 RSA Data Security, Inc. All rights reserved.

(Go to Overview of RSA Press Releases)
(Go to Recent Press Releases)
(Go to RSA's Home Page)

Last modified: Sun, 12 Jun 1994 19:26:02 -0700, <[email protected]>

------------------------------

End of Computer Underground Digest #6.58
************************************