Re: [Muscle] .Net remoting channel, muscle://

From: Peter Williams (home_pwmsn.com)
Date: Mon Feb 28 2005 - 15:48:27 CST


I think you are correct in your thesis, but I'll send you a rejoinder
privately - how the brave new world of the thesis could easily go so, so
sour - so easily, if phone company marketing had an ideal world to sell to.

One of the matters that distinguishes .NET on the WindowsPhone vs .NET on
the Intel platform or .NET Smartcard Platform is how the TPM integrity
metrics shall be collected. This will affect how the muscle .NET applet is
or is not loaded in a TPM-enabled .NET smartcard - whether the vendor must
first be signed up to a VeriSign/Microsoft CA, fall under US law therefore,
and whether there are integrity metrics in the card's TPM database, to
distinguish managed applet from unmanaged applet code (which might leverage
pre-issuance native code - on .NET cards that are not native MSIL).

For Microsoft/Intel trusted computing to work on .NET smartcard platforms,
as a voluntary option, there has to be an integrity metrics database - of
all the software you are ever likely to want to put on your
smartcard/PC/phone. One sees now why Microsoft will keep its PC/server
platform spyware program scanner free, so long as you populate the spynet
database with constant updates, for the billions of software
version/variants that exist. Keeping out spyware is the inverse of
collating the integrity verification database for the TPM verification
database to make Longhorn's opt-in TPM option viable. Everything I've ever
learned about Microsoft persuades me TPM opt-in will be truly opt-in; and
they will go the extra trip around the world to make sure the "PC" stays
the PC, not an instrument of control.

In the case of .NET smartcards with a supposed .NET muscle applet, or a
smartphone similarly provisioned with the same kind of applet, it's not
clear how they will collect the TPM's applet or phone-applet integrity
metrics. The whole point of the integrity controls is, of course, the
phone won't even boot, if you have made an unauthorized change to your
hardware/software config, like install an unrecognized applet/program. But
as phone and smartcard platforms converge with the PC/server platform, it's
not clear how third parties other than the phone companies can manage the
TPM database, and keep the phone's security configuration independent of
the phone/data service provider.

Peter.
----- Original Message -----
From: "Anders Rundgren" <anders.rundgrentelia.com>
To: "MUSCLE" <musclelists.musclecard.com>
Sent: Sunday, February 27, 2005 1:05 PM
Subject: Re: [Muscle] .Net remoting channel, muscle://

> Another, somewhat related thought experiment:
>
> http://web.telia.com/~u18116613/TheUniversalAccessControlCard.pdf
>
> Anders R
_______________________________________________
Muscle mailing list
Musclelists.musclecard.com
http://lists.drizzle.com/mailman/listinfo/muscle
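The mechanism Peter describes, an integrity-metrics database that the platform checks each applet image against, with an unrecognized applet preventing boot, is modelled below as an added example. This is not code from the thread, from MUSCLE, or from any smartcard or phone vendor; the applet images, the database contents and the "managed"/"unmanaged" labels are constructed for illustration, and the PCR-extend rule (new value = hash of old value and measurement) is the generic TPM pattern rather than any specific card's implementation.

```python
"""Toy model of an integrity-metrics database and TPM-style measurement.

Constructed example for the MUSCLE thread above; not vendor or project code.
"""
import hashlib
from typing import Dict, List, Tuple

# Constructed applet images standing in for managed (MSIL) and native code.
MANAGED_MUSCLE_APPLET = b"MSIL: muscle applet v1 (constructed sample)"
NATIVE_CRYPTO_LIB = b"NATIVE: pre-issuance crypto library (constructed sample)"
ROGUE_APPLET = b"MSIL: unrecognized third-party applet (constructed sample)"


def measure(image: bytes) -> bytes:
    """Integrity metric of an image: its SHA-256 digest."""
    return hashlib.sha256(image).digest()


# Constructed integrity-metrics database: digest -> (name, kind).
# In the scenario discussed, whoever controls this table (vendor, CA,
# phone company) decides which applets the platform will accept.
INTEGRITY_DB: Dict[bytes, Tuple[str, str]] = {
    measure(MANAGED_MUSCLE_APPLET): ("muscle-applet", "managed"),
    measure(NATIVE_CRYPTO_LIB): ("crypto-lib", "unmanaged"),
}


def extend(pcr: bytes, measurement: bytes) -> bytes:
    """TPM-style extend: PCR' = H(PCR || measurement).

    One-way and order-sensitive, so the final value commits to the whole
    sequence of loaded images, not just the set.
    """
    return hashlib.sha256(pcr + measurement).digest()


def load_applets(images: List[bytes]) -> Tuple[bytes, List[bytes]]:
    """Platform side: measure each image before loading it, extend the PCR,
    and keep an event log of the measurements for later replay."""
    pcr = bytes(32)  # PCR starts at all zeros
    log: List[bytes] = []
    for image in images:
        m = measure(image)
        log.append(m)
        pcr = extend(pcr, m)
    return pcr, log


def verify(pcr: bytes, log: List[bytes],
           db: Dict[bytes, Tuple[str, str]]) -> Tuple[bool, List[str]]:
    """Verifier side: replay the event log against the PCR, then look each
    measurement up in the integrity database.

    Returns (boot_allowed, report). Boot is refused if the log does not
    reproduce the PCR (tampered or truncated log) or if any image is
    absent from the database (the "unrecognized applet" case).
    """
    replayed = bytes(32)
    for m in log:
        replayed = extend(replayed, m)
    if replayed != pcr:
        return False, ["event log does not match PCR (log tampered or truncated)"]

    allowed = True
    report: List[str] = []
    for m in log:
        entry = db.get(m)
        if entry is None:
            allowed = False
            report.append(f"unrecognized image {m.hex()[:16]}...")
        else:
            name, kind = entry
            report.append(f"{name} ({kind})")
    return allowed, report


if __name__ == "__main__":
    for images in ([MANAGED_MUSCLE_APPLET, NATIVE_CRYPTO_LIB],
                   [MANAGED_MUSCLE_APPLET, ROGUE_APPLET]):
        pcr, log = load_applets(images)
        ok, report = verify(pcr, log, INTEGRITY_DB)
        print("boot allowed" if ok else "boot refused", report)
```

The replay step is what makes the event log trustworthy: an entry cannot be dropped or reordered without the replayed value diverging from the PCR, so the verifier learns both which images were loaded and that the list is complete. The `kind` field is where a policy could treat managed and unmanaged (native, pre-issuance) code differently, which is the distinction the post says a TPM-enabled card would need to make.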