Previous message: "Frank Sudia's proposal: Let's revive encryption key escrow" http://www.politechbot.com/p-02519.html *********** Date: Mon, 17 Sep 2001 19:42:07 -0700 To: declanat_private From: Carl Ellison <cmeat_private> Subject: Re: FC: Frank Sudia's proposal: Let's revive encryption key escrow Cc: politechat_private, fsudiaat_private, frankat_private In-Reply-To: <5.0.2.1.0.20010916185550.01ff22c0at_private> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 At 07:04 PM 9/16/2001 -0400, Declan McCullagh wrote: >Frank Sudia's bio says that he is a programmer, a lawyer, a public >policy analyst, and a co-founder of the CertCo encryption company, >formerly part of Bankers Trust. He is also the creator of the >"Bankers Trust Corporate Key Escrow System." > >His paper (see the link below) is a suggestion for a route for >Congress to take if they "decided to require all encryption systems >to be readable by authorized legal authorities." Declan: The idea of amending the 4th Amendment is laughable. Is this a satire? Frank: if you want to be taken seriously, you need to address the fact that no one has any control over cryptographic technology. There is no way to mandate the use of GAK. There is no way to detect deviations from GAK. The discussions in your paper are all irrelevant, in the face of that one fact. We are not dealing with a technology that is under the control of the US Congress. The original GAK proponents once claimed that, but it is not true. Ubiquitous non-GAK cryptography is one of those things that is a side effect of the confluence of: 1. cheap, ubiquitous, high power computing 2. freedom of speech 3. programming languages Which of those three would you eliminate in order to make it possible for some governmental entity to exercise control over the kind of cryptography that is available in the world? - Carl P.S. Don't tell me about your qualifications as a designer of Key Escrow systems without looking first at the list of inventors on the Key Escrow patents by Trusted Information Systems. -----BEGIN PGP SIGNATURE----- Version: PGP 6.5.8 iQA/AwUBO6a0fnPxfjyW5ytxEQLXoQCgyN5b2KtondMrC4NI9dih/9ZureUAn0ii bqQYsgYc1la5KXmOJqejTosl =OHNG -----END PGP SIGNATURE----- +------------------------------------------------------------------+ |Carl M. Ellison cmeat_private http://world.std.com/~cme | | PGP: 08FF BA05 599B 49D2 23C6 6FFD 36BA D342 | +--Officer, officer, arrest that man. He's whistling a dirty song.-+ *********** Date: Sun, 16 Sep 2001 16:58:12 -0700 To: declanat_private, politechat_private From: Lizard <lizardat_private> Subject: Re: FC: Frank Sudia's proposal: Let's revive encryption key escrow Cc: fsudiaat_private, frankat_private In-Reply-To: <5.0.2.1.0.20010916185550.01ff22c0at_private> Gods, this guy has crawled right out of the pages of "Atlas Shrugged" -- the government seizing patents in the name of 'the public good'? Sheesh. Shall we be seeing an "Equalization of Opportunity Act" next? There is no act of government which can guarantee safety -- but many acts can guarantee tyranny. Liberty for security is a fool's bargain. You get neither. *********** Date: Sun, 16 Sep 2001 20:01:01 -0400 From: Nat <nathaniel.echolsat_private> To: Declan McCullagh <declanat_private> cc: politechat_private Subject: Re: FC: Frank Sudia's proposal: Let's revive encryption key escrow In-Reply-To: <5.0.2.1.0.20010916185550.01ff22c0at_private> Not exactly related to this post, but gov't. vs encryption in general: I was attempting to explain to a non-technical (but very intelligent) classmate why legal restrictions on encryption and no-authorization-required snooping into computers and private communications was so much more worrying than other losses of freedom we're bound to suffer. I'm happy to go through a strip-search at the airport if it allows me to use public transportation (which is really what commercial airlines are- just operated by private entities), or to deal with restrictions on firearm use. These are intended to prevent immediate harm to others, and are directed towards dangerous *actions* alone. Cryptography, on the other hand, cannot be used to kill. I'd imagine few people want a truly unregulated Internet- lack of restrictions on, say, computer hacking, harassment through email, or DoS attacks would be awful. These are still cases of individuals directly causing damage to others- here, by destruction of data and/or property. Governments are only as good as the people in them. When the power of individual bureaucrats becomes too large, it is abused. If we submit to government monitoring of communications, we're at the mercy of the folks reading our email. We allow armed government officials to patrol our streets and search our bags, but this is always done in public. How can we tell who reads our data, and when, and how they use it? What's to prevent a malicious official like the one who installed monitoring software on judges' machines from seeing everything we do- and using it for decidedly illegal purposes? My friend says "well, I don't have anything to hide." Not from the government itself, perhaps, but who knows what underpaid spook might see value in his electronic communications. My father works with federal officials, some good, some bad, in scientific research, and he's seen people who should know better using emails they weren't supposed to see for personal advantage. His philosophy has always been "Never, ever assume anything you send won't come back to bite you in the ass", but no one should have to worry about *everything* they send being read by someone or something else. A writer with more coherence and legal training than I needs to come up with a comprehensive argument for why public *should* care about this issue, regardless of whether they have anything to hide. -Nat *********** From: "Dale Robertson" <dalerobertsonat_private> To: declanat_private, frankat_private Cc: dalerobertsonat_private Subject: Re: FC: Frank Sudia's proposal: Let's revive encryption key escrow Date: Mon, 17 Sep 2001 07:35:15 Declan: Frank Sudia www.SudiaLab.com frankat_private Frank: Well, I suppose that in addition to a government back door to encryption, we should also allow (ie: acquiesce) the government to open our sealed envelopes which have otherwise been properly posted? And, while we are at it, I suppose that we ought to do away with the 1st and 4th ammendments to the Constitution for the United States. No, really, I don't think that any of the foregoing is a very bright idea. It is in point of fact the path by which tyrants of all color and all time have achieved their totalitarian goals. Personally, I want no part of it and will defend with determination the principles and practice of that collection of rights guaranteed under our constitution. If it is security you wish, then I suggest that you petition your government to have you locked up for in that state and under those conditions you will find a nearly perfect "security". Thanks anyway. Dale Robertson dalerobertsonat_private *********** ------------------------------------------------------------------------- POLITECH -- Declan McCullagh's politics and technology mailing list You may redistribute this message freely if you include this notice. Declan McCullagh's photographs are at http://www.mccullagh.org/ To subscribe to Politech: http://www.politechbot.com/info/subscribe.html This message is archived at http://www.politechbot.com/ -------------------------------------------------------------------------
This archive was generated by hypermail 2b30 : Thu Sep 20 2001 - 01:02:46 PDT