FC: More on Frank Sudia's proposal to revive encryption key escrow

From: Declan McCullagh (declanat_private)
Date: Wed Sep 19 2001 - 21:50:52 PDT

  • Next message: Declan McCullagh: "FC: More on urban legends born after WTC-Pentagon attacks"

    Previous message:
    
    "Frank Sudia's proposal: Let's revive encryption key escrow"
    http://www.politechbot.com/p-02519.html
    
    ***********
    
    Date: Mon, 17 Sep 2001 19:42:07 -0700
    To: declanat_private
    From: Carl Ellison <cmeat_private>
    Subject: Re: FC: Frank Sudia's proposal: Let's revive encryption key
       escrow
    Cc: politechat_private, fsudiaat_private, frankat_private
    In-Reply-To: <5.0.2.1.0.20010916185550.01ff22c0at_private>
    
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1
    
    At 07:04 PM 9/16/2001 -0400, Declan McCullagh wrote:
     >Frank Sudia's bio says that he is a programmer, a lawyer, a public
     >policy  analyst, and a co-founder of the CertCo encryption company,
     >formerly part  of Bankers Trust. He is also the creator of the
     >"Bankers Trust Corporate  Key Escrow System."
     >
     >His paper (see the link below)  is a suggestion for a route for
     >Congress to  take if they "decided to require all encryption systems
     >to be readable by  authorized legal authorities."
    
    Declan:
    
    	The idea of amending the 4th Amendment is laughable.  Is this a
    satire?
    
    Frank:
    
    	if you want to be taken seriously, you need to address the fact that
    no one has any control over cryptographic technology.  There is no
    way to mandate the use of GAK.  There is no way to detect deviations
    from GAK.  The discussions in your paper are all irrelevant, in the
    face of that one fact.
    
    	We are not dealing with a technology that is under the control of
    the US Congress.  The original GAK proponents once claimed that, but
    it is not true.
    
    	Ubiquitous non-GAK cryptography is one of those things that is a
    side effect of the confluence of:
    
    1.	cheap, ubiquitous, high power computing
    2.	freedom of speech
    3.	programming languages
    
    	Which of those three would you eliminate in order to make it
    possible for some governmental entity to exercise control over the
    kind of cryptography that is available in the world?
    
      - Carl
    
    P.S.  Don't tell me about your qualifications as a designer of Key
    Escrow systems without looking first at the list of inventors on the
    Key Escrow patents by Trusted Information Systems.
    
    -----BEGIN PGP SIGNATURE-----
    Version: PGP 6.5.8
    
    iQA/AwUBO6a0fnPxfjyW5ytxEQLXoQCgyN5b2KtondMrC4NI9dih/9ZureUAn0ii
    bqQYsgYc1la5KXmOJqejTosl
    =OHNG
    -----END PGP SIGNATURE-----
    
    
    +------------------------------------------------------------------+
    |Carl M. Ellison         cmeat_private     http://world.std.com/~cme |
    |    PGP: 08FF BA05 599B 49D2  23C6 6FFD 36BA D342                 |
    +--Officer, officer, arrest that man. He's whistling a dirty song.-+
    
    ***********
    
    Date: Sun, 16 Sep 2001 16:58:12 -0700
    To: declanat_private, politechat_private
    From: Lizard <lizardat_private>
    Subject: Re: FC: Frank Sudia's proposal: Let's revive encryption key
       escrow
    Cc: fsudiaat_private, frankat_private
    In-Reply-To: <5.0.2.1.0.20010916185550.01ff22c0at_private>
    
    Gods, this guy has crawled right out of the pages of "Atlas Shrugged" -- 
    the government seizing patents in the name of 'the public good'? Sheesh. 
    Shall we be seeing an "Equalization of Opportunity Act" next?
    
    There is no act of government which can guarantee safety -- but many acts 
    can guarantee tyranny. Liberty for security is a fool's bargain. You get 
    neither.
    
    ***********
    
    Date: Sun, 16 Sep 2001 20:01:01 -0400
    From: Nat <nathaniel.echolsat_private>
    To: Declan McCullagh <declanat_private>
    cc: politechat_private
    Subject: Re: FC: Frank Sudia's proposal: Let's revive encryption key escrow
    In-Reply-To: <5.0.2.1.0.20010916185550.01ff22c0at_private>
    
    Not exactly related to this post, but gov't. vs encryption in general: I
    was attempting to explain to a non-technical (but very intelligent)
    classmate why legal restrictions on encryption and
    no-authorization-required snooping into computers and private
    communications was so much more worrying than other losses of freedom
    we're bound to suffer.
    
    I'm happy to go through a strip-search at the airport if it allows me to
    use public transportation (which is really what commercial airlines are-
    just operated by private entities), or to deal with restrictions on
    firearm use.  These are intended to prevent immediate harm to others, and
    are directed towards dangerous *actions* alone.  Cryptography, on the
    other hand, cannot be used to kill.  I'd imagine few people want a truly
    unregulated Internet- lack of restrictions on, say, computer hacking,
    harassment through email, or DoS attacks would be awful.  These are still
    cases of individuals directly causing damage to others- here, by
    destruction of data and/or property.
    
    Governments are only as good as the people in them.  When the power of
    individual bureaucrats becomes too large, it is abused.  If we submit to
    government monitoring of communications, we're at the mercy of the folks
    reading our email.  We allow armed government officials to patrol our
    streets and search our bags, but this is always done in public.  How can
    we tell who reads our data, and when, and how they use it?  What's to
    prevent a malicious official like the one who installed monitoring
    software on judges' machines from seeing everything we do- and using it
    for decidedly illegal purposes?
    
    My friend says "well, I don't have anything to hide."  Not from the
    government itself, perhaps, but who knows what underpaid spook might see
    value in his electronic communications.  My father works with federal
    officials, some good, some bad, in scientific research, and he's seen
    people who should know better using emails they weren't supposed to see
    for personal advantage.  His philosophy has always been "Never, ever
    assume anything you send won't come back to bite you in the ass", but no
    one should have to worry about *everything* they send being read by
    someone or something else.
    
    A writer with more coherence and legal training than I needs to come up
    with a comprehensive argument for why public *should* care about this
    issue, regardless of whether they have anything to hide.
    
    -Nat
    
    ***********
    
    From: "Dale Robertson" <dalerobertsonat_private>
    To: declanat_private, frankat_private
    Cc: dalerobertsonat_private
    Subject: Re: FC: Frank Sudia's proposal: Let's revive encryption key escrow
    Date: Mon, 17 Sep 2001 07:35:15
    
    Declan:
    
    Frank Sudia
    www.SudiaLab.com
    frankat_private
    
    Frank:
    
    Well, I suppose that in addition to a government back door to encryption, 
    we should also allow (ie: acquiesce) the government to open our sealed 
    envelopes which have otherwise been properly posted?
    
    And, while we are at it, I suppose that we ought to do away with the 1st 
    and 4th ammendments to the Constitution for the United States.
    
    No, really, I don't think that any of the foregoing is a very bright idea. 
    It is in point of fact the path by which tyrants of all color and all time 
    have achieved their totalitarian goals.
    
    Personally, I want no part of it and will defend with determination the 
    principles and practice of that collection of rights guaranteed under our 
    constitution.
    
    If it is security you wish, then I suggest that you petition your 
    government to have you locked up for in that state and under those 
    conditions you will find a nearly perfect "security".
    
    Thanks anyway.
    
    Dale Robertson
    dalerobertsonat_private
    
    ***********
    
    
    
    
    -------------------------------------------------------------------------
    POLITECH -- Declan McCullagh's politics and technology mailing list
    You may redistribute this message freely if you include this notice.
    Declan McCullagh's photographs are at http://www.mccullagh.org/
    To subscribe to Politech: http://www.politechbot.com/info/subscribe.html
    This message is archived at http://www.politechbot.com/
    -------------------------------------------------------------------------
    



    This archive was generated by hypermail 2b30 : Thu Sep 20 2001 - 01:02:46 PDT