How so?

IPSec and e-mail encrypters are implemented within existing insecure computer systems. This burdens the PKI with cumbersome lists of compromised keys. Such success as we have had with PKI-based security is often under attack from network providers. Most VPN users have had the experience of trying to communicate security with their corporate networks, only to find that the conference center, university, or even hotel at which they are located blocks the IPSec port.

In the bigger picture, can you point to a technological development in the last five years that will dramatically alter the shape of cryptography going forward -- in other words, a development that is forcing a change in how we've approached cryptography in recent decades?

For the long run, the 2005 announcement of cryptographic Suite B, a set of public algorithms (mostly federal standards) certified for protection of all levels of classified information. If Suite B has as much impact on worldwide cryptographic practice as DES did, we can expect a big improvement in the security and interoperability of cryptographic security systems worldwide.

How does Sun's current strategy fit in with the future direction of cryptography?