[E-Lang] Fwd: Schneier's Views on DRM?

[Karp, Alan]

> -----Original Message-----
> From: Dan Moniz [mailto:dnm@pobox.com]
> Sent: Sunday, November 05, 2000 8:48 PM
> To: john@opencola.com; karl@opencola.com; grad@opencola.com;
> george@opencola.com; paul@opencola.com; cory@opencola.com;
> joey@opencola.com; chris@opencola.com
> Cc: e-lang@eros-os.org
> Subject: [E-Lang] Fwd: Schneier's Views on DRM?
> 
> 
> [ Interesting. Bruce has come very close in a lot of his 
> writings of late 
> to the capability-based security side of the fence without 
> saying as much. 
> This article, although not Schneier's own, but in reference 
> to it, makes 
> note of InterTrust as DRM. Honestly, and maybe I'm tooting my 
> own horn 
> here, but InterTrust is copy protection, which they believe 
> is digital 
> rights management. I think that's wrong. They're copy 
> protection. *We're* 
> rights management.
> --dnm ]

Interesting comment.  HP hired Schneier's company, then called Counterpane,
to review the original e-speak access control mechanisms, the split
capabilities of e-speak Beta 2.2.  From the comments they made, e.g., "Name
hiding doesn't work" even though name hiding wasn't used, I concluded that
they didn't understand what we were doing.  They also made the
recommendation that all access control be based purely on crypographic
mechanisms, leading me to believe that they did not fully appreciate
capabilities.  (To my mind cryptography is only a means to protect
capabilities that are kept in the client address space.  It's not needed for
those kept in the TCB as we did.)  To their credit, Schneier's people
contributed to the e-speak 3.0 Developers' Release access control mechanisms
that use SPKI certificates as capabilities.

_________________________
Alan Karp
Principal Scientist
Decision Technology Department
Hewlett-Packard Laboratories MS 1U-2
1501 Page Mill Road
Palo Alto, CA 94304
(650) 857-3967, fax (650) 857-6278