Sun Microsystems Inc chief technology officer and employee number 92 Eric Schmidt believes the whole Web/net security model is fundamentally flawed and that the industry must move to an end-to-end encryption solution. It’s not that the technology isn’t available to do it; RSA Data Security Inc public key encryption plus further developments of other existing techniques will be quite adequate for the job, he believes. To this end, Sun has partnered with Apple, IBM, Motorola, Netscape, Nortel, Novell, and Silicon Graphics Inc to build what they are calling a Platform-Independent Cryptography set of application programming interfaces, dubbed PICA, using RSA Data Security Inc’s Public Key Cryptography Standard (PKCS). The idea is that PICA will bridge vendors’ different approaches to data encryption so that developers can add security features such as Secure Sockets Layer, Data Encryption Standard and smartcards on to electronic commerce, banking, electronic data interchange and other applications, regardless of the platform on which they are run. The PICA companies say they will also work to make the task of developing differing security requirements for the US and overseas markets easier. They’ll hold development meetings before the year-end. The only difference between this initiative and the five-year-old PKCS group’s work, which includes Microsoft, is that PICA hopes to co-ordinate its efforts with the W3C Consortium and Internet Engineering Task Force. Schmidt also so unded a warning to the bevy of companies now peddling intranet firewalls arguing the technology will be no use in the long term because they (firewalls) stop everything getting through. And by the way we will overcome those stupid export controls. he .declared.
