January 1993 - cypherpunks-legacy

FYI: New report on public public-key infrastructure available
by gnu 02 Jan '93

02 Jan '93

------- Forwarded Message To: John Gilmore <hoptoad!gnu(a)uunet.UU.NET> Subject: FYI: New report on public public-key infrastructure available Date: Tue, 01 Dec 92 19:37:12 +0000 From: Mike Roe <Michael.Roe(a)cl.cam.ac.uk> In Europe, an EC-funded project called PASSWORD (`Piloting Authentication and Security Services Within OSI Research and Development') aims to deploy an initial pilot service of privacy and integrity enhanced mail (and several more exotic applications) between academic and industrial organisations throughout Europe. The plans for how we intend to do certificate-based key management are described in a report entitled ``PASSWORD R2.5: Certification Authority Requirements''. Version 1.0 of this report is available by anonymous FTP from: ftp.cl.cam.ac.uk (128.232.0.56) reports/mrr-passwords.dvi.Z I realise that you're probably far too busy with other matters right now, but if you have any comments to make we'd be delighted to hear them. Yours sincerely, Michael Roe Cambridge University Computer Lab Computer Security Group ------- End of Forwarded Message John here. I have pulled this file down and translated it to PostScript (which I haven't tried to read yet). It's in cygnus.com:/pub/mrr-passwords.ps. The "DVI" format he provided is sort of like object files output by TeX; I have no idea why he didn't just provide us the TeX source, or the printable PostScript. John

1 0

Initial Release of Privacy Enhanced Mail
by gnu 02 Jan '93

02 Jan '93

Forwarded from the PEM-DEV mailing list. Message-Id: <9212301932.AA07388(a)TIS.COM> From: James M Galvin <pem-info(a)TIS.COM> To: pem-dev(a)TIS.COM Cc: rsaref-users(a)rsa.com Subject: Initial Release of Privacy Enhanced Mail Date: Wed, 30 Dec 92 14:32:08 -0500 -----BEGIN PRIVACY-ENHANCED MESSAGE----- Proc-Type: 4,MIC-CLEAR Content-Domain: RFC822 Originator-ID-Asymmetric: MEYxCzAJBgNVBAYTAlVTMSQwIgYDVQQKExtUcnV zdGVkIEluZm9ybWF0aW9uIFN5c3RlbXMxETAPBgNVBAsTCEdsZW53b29k,02 MIC-Info: RSA-MD5,RSA,mHp3q4Av7Axil1BTXaaii+9NIdfm7doy00d/aw6TYEj y/eCt6CLpjbJzXHZt0kavc9ygC0eRNxOmAHiXmFC0Qg== Trusted Information Systems Incorporated (TIS), under DARPA sponsorship, in cooperation with RSA Data Security Incorporated (RSADSI), is preparing to release a reference implementation of Privacy Enhanced Mail (TIS/PEM) to the Internet community. TIS/PEM is a UNIX-based implementation that has been integrated with Rand MH 6.7.2 and is easily integrated into other mail user agents. TIS/PEM will be distributed in source form with RSADSI BSAFE object code. It will be widely available within the United States and Canada for non-commercial use (not for resale) with the stipulation that users join the Internet certification hierarchy. You are invited to participate in the testing of the initial release of TIS/PEM. Organizations and individuals must meet the following criteria to be accepted as a tester of the initial release of TIS/PEM. 1. You must be a United States or Canadian organization, or a United States or Canadian citizen residing in the United States or Canada. 2. You must have available the computing resources necessary to run the software and either be responsible for the administration of the resources or be able to delegate the responsibility. 3. You must have FTP access in order to be able to retrieve the software. With this release of TIS/PEM and an Internet certificate, you will be able to send and receive authenticated and confidential electronic mail messages, subject to the constraints of your local security policy. Attached is a field test agreement form. Please review it. If you agree to the terms and wish to participate, reply to this message and we will provide an ftp account for you to retrieve the file. The main features of this agreement are the following: o This test period will last a few months, probably until the end of March. When the test period is complete, we will release this code for general Internet distribution. o There is no charge for the use of this code, but it may only be used by you or within your own organization within the United States or Canada. It may not be given to others outside your organization or sold. (If you have a multinational organization, contact us for further discussion.) o When the system is released for regular use, users must obtain certificates through the regular certificate issuing channels and pay whatever fees are required. During the test period, there is no charge for certificates. When a regular certificate issuing mechanism is in place you will be informed. o We intend for this version of the code to be usable for real traffic. Although new versions of the software will be issued, the messages and certificates generated by this system and the databases maintained by this system should be compatible with future distributions. o We will undoubtedly issue changes, updates, bug fixes, etc. during this period. When we issue updates or new releases, you are obligated to install these changes. o You are free to drop out at any time. Thank you very much for your time. TIS/PEM Beta Test Site Agreement Trusted Information Systems (TIS) in cooperation with RSA Data Security Incorporated (RSADSI) is preparing to release TIS/PEM, a reference implementation of Privacy Enhanced Mail, to the Internet community. The purpose of beta testing is to evaluate TIS/PEM according to the criteria specified below. This agreement protects the interests of the beta testers, TIS, and RSADSI during the beta test period. By accepting a distribution of TIS/PEM during the beta test period, a beta test site agrees to the following: 1. You will acquire no ownership interest in any software, documentation, or other pieces of TIS/PEM as a result of their being distributed to you by Trusted Information Systems during the beta test period. Except as necessary to install and operate the software throughout your organization within the United States, TIS/PEM may not be distributed to others. (If you have a multinational organization, contact us for further discussion.) 2. TIS/PEM is to be used only with certificates issued under a Certification Authority which is itself registered under a permanent or temporary Policy Certification Authority (PCA). TIS is operating a PCA and will supply PCA services without charge during the beta test period. 3. At the conclusion of the beta test period, the beta test site may keep the software and continue to use it provided the site registers with a PCA and pays the appropriate fees. 4. Evaluations, comments, and suggestions about TIS/PEM should be communicated to Trusted Information Systems and may be communicated to other beta testers. 5. A technically competent systems administrator and programmer, someone capable of installing a software system comprising more than 50,000 lines of C source code, is expected to be assigned responsibility for TIS/PEM. All technical communication with a beta test site will be coordinated with this technical point of contact. 6. Upgrades will be installed and evaluated according to the criteria specified below in a timely fashion. Obsolete versions of the system must be taken out of service as quickly as possible. 7. If the site elects to drop out of beta testing, all software, documentation, and other pieces of TIS/PEM as may be distributed during the beta test period must be returned to Trusted Information Systems. During the beta test period, TIS agrees to the following: 1. One copy of all software, documentation, and other pieces of TIS/PEM as may be necessary to its correct and proper operation will be supplied to each beta test site for use during the beta test period. 2. Evaluations, comments, suggestions, bug fixes, and improvements of TIS/PEM will be acknowledged and incorporated into TIS/PEM according to an internal TIS review process. 3. During normal business hours, telephone and electronic mail technical support will be provided to the technical point of contact at each beta test site assigned responsibility for TIS/PEM. 4. One copy of upgrades to TIS/PEM incorporating evaluations, comments, suggestions, bug fixes, and improvements will be supplied to each beta test sites for use during the beta test period. 5. Beta test sites will be informed of the completion of beta testing and may be asked to return all software, documentation, and other pieces of TIS/PEM as may have been distributed during the beta test period. TIS/PEM Evaluation Criteria Beta test sites are requested to evaluation TIS/PEM according to the following criteria. The results of the evaluation must be returned to TIS in order for changes to be incorporated in the next release of TIS/PEM. There are 5 areas of particular interest, but any and all comments are hereby solicited. Beta test sites are asked to evaluate how well we achieve the objectives stated for each area. 1. Installability TIS/PEM is expected to operate on most BSD and SYS5 derived UNIXs. With respect to installability we want to achieve the following objectives: a. TIS/PEM should install smoothly on as many different "flavors" of UNIX as possible. b. TIS/PEM should install smoothly on as many different hardware platforms as possible. c. The installation process should be as simple as possible, but not simpler. Beta test sites are encouraged to port TIS/PEM to as many different software and hardware environments as possible. If possible, enhancements to get TIS/PEM to install smoothly on other versions of UNIX that are returned to TIS will be incorporated into a future distribution of TIS/PEM. 2. Usability TIS/PEM is provided with a command line oriented interface. In particular, it is integrated with the Rand MH Message Handling user agent. This interface was chosen because of the ease with which TIS/PEM could be integrated and because it is in the public domain. For each site, a certificate administrator must be designated who will be responsible for the administration of TIS/PEM. In particular, there is some site specific initialization to be completed. In addition, there is some initialization required to be executed by every user before they can make use of the TIS/PEM enhancements to MH. Depending on local conventions, users may be required to request the initialization of their certificate administrator or they may be able to execute the initialization individually. With respect to usability we want to achieve the following objectives: a. For users familiar with MH, the integration of TIS/PEM and MH should appear to be a natural extension of the MH model. b. The initialization process should be as simple as possible. Users will need to be familiar with MH or be prepared to learn about it. The MH source tree includes a tutorial of the minimal set of commands. In the future it is expected that others will contribute additional user interface software. Beta test sites are encouraged to enhance local user interfaces to include TIS/PEM. If possible, these enhancements will be included in future distributions of TIS/PEM. 3. Performance The performance of TIS/PEM is dominated by the processing time for certificates and cryptography. We have attempted to minimize the impact of these factors but we encourage beta test sites to investigate the operation of the system and identify bottlenecks for which they have suggestions for improvement. With respect to performance we want to achieve the following objective: o The design and model of TIS/PEM, and its integration with various applications, should be such that it will perform as well as it can. Obviously, performance is a subjective criteria. Different architectures will influence performance as much as the overall design of the system. Beta test sites are encouraged to empirically observe the performance of TIS/PEM under various operating conditions and report those results. 4. Interoperability With respect to interoperability we want to achieve the following objectives: a. TIS/PEM should interoperate with other implementations of PEM. b. Future versions of TIS/PEM should be backward compatible with previous versions. 5. Documentation On-line manual pages are provided for all TIS/PEM programs and those programs we have changed as a result of our integration with MH. In addition, we will provide an installation manual, an administrator's manual, and a user's manual. With respect to documentation we want to achieve the following objectives o All documentation should completely and accurately describe TIS/PEM. o All documentation should be easy to understand and easy to use. Beta test sites are encouraged to thoroughly review all documentation and provide feedback to be incorporated in future versions. -----END PRIVACY-ENHANCED MESSAGE-----

1 0

Remailer .sig suppressio
by Hal 02 Jan '93

02 Jan '93

-----BEGIN PGP SIGNED MESSAGE----- From: edgar(a)spectrx.Saigon.COM (Edgar W. Swank) > Hugh Daniels said here on Dec 28: > > There are very good reasons to build remailers (and all mail > tools) to pass on all the bytes they can, trailing spaces and > .sigs included. > > Hugh doesn't say what these reasons are. They are not obvious to me, > so I must disagree. I've already stated what I think are good reasons > at least for remailers whose purpose is anonymity to remove automatic > sigs which are likley to destroy anonymity. > > I've said I would accept either a less ambiguous sig delimiter than > "--" or a remailer option to remove the sig (default) or leave it in. I'll just relate one story that happened to me today. I wanted to try an experiment in which I would use two non-cypherpunks remailers to set up a chained anonymous address. One is anon.penet.fi, which doesn't do any encryption, but which will allow you to specify an arbitrary destination address. The other is pax.tpa.com.au, which does PGP decryption (but you can't encrypt the remailer destination address like you can with our remailers). The Pax remailer lets you send them a PGP key which it saves. Then, any future messages to you are encrypted by the remailer using that key. That way message contents are always protected between Pax and you. I wanted to send Pax a key via the Penet remailer so that Pax wouldn't know who I really was. I tried this, and got a message back from Pax saying: Error: you didn't include a public key for us ! So we can't assign an alias or send you our public key. But I _had_ sent them a public key. After some head-scratching I figured out the answer. My public key had started with the string: "-----BEGIN PGP MESSAGE-----". But the Penet remailer strips sigs, which it considers to be any line starting with "--". It thought my PGP key was a signature! It had stripped it, so that Pax received only a blank message. I haven't thought of a way around this problem yet. Now, Edgar may take as the moral of the story that remailers should have smarter sig recognition. But I take the moral to be that munging mail messages may cause problems when people try to use it for something which you didn't anticipate. Hal -----BEGIN PGP SIGNATURE----- Version: 2.1 iQCVAgUBK0UJOqgTA69YIUw3AQHusQP/YuzvntMZ8XPpfLwwE5YElLjwfKGF0Q2e Cjk1PMmvtcn/bjSCB49lagOs0cEjm9Vt4gsEkTxwVlOya0+WOTeY/zzZAYlf3z4R 9QY7uRSyPQYJlPH6rosifEREMNWksRMCNMlISp8PDh1duJf3BvdwY3nyXk/PABpS LTp6NAFaFi4= =j0Wl -----END PGP SIGNATURE----- Distribution: CYPHERPUNKS >INTERNET:CYPHERPUNKS@TOAD.COM

1 0

Unsubscribe
by S.E. Brown 02 Jan '93

02 Jan '93

Please unsubscribe me to the list. I am on vacation and am not able to clear my mailbox on a regular basis. Thanks Shawn

1 0

CFP'93 Electronic Brochure 1.2 (fwd)
by yanek＠novavax.nova.edu 01 Jan '93

01 Jan '93

Forwarded message: > From: Bruce R Koball <bkoball(a)well.sf.ca.us> > > The Third Conference on Computers, Freedom and Privacy -- CFP'93 > 9-12 March 1993, San Francisco Airport Marriott Hotel, Burlingame, CA > > Sponsored by: Association for Computing Machinery, > Special Interest Groups on: > Communications (SIGCOMM) > Computers and Society (SIGCAS) > Security, Audit and Control (SIGSAC) > > Co-Sponsors and Cooperating Organizations: > > American Civil Liberties Union > American Library Association > Asociacion de Technicos de Informatica > Commission for Liberties and Informatics > Computer Professionals for Social Responsibility > Electronic Frontier Foundation > Freedom to Read Foundation > IEEE Computer Society > IEEE-USA Committee on Communications and Information Policy > Internet Society > Library and Information Technology Association > Privacy International > USD Center for Public Interest Law > U.S. Privacy Council > The WELL (Whole Earth 'Lectronic Link) > > Patrons and Supporters (as of 24 December 1992): > > American Express Corp. > Apple Computer, Inc. > Dun & Bradstreet Corp. > Equifax, Inc. > Information Resource Service Company > Mead Data Central, Inc. > National Science Foundation (pending) > RSA Data Security, Inc. > > > CFP'93 Electronic Brochure 1.2 > > > SCOPE: > > The advance of computer and telecommunications technologies holds great > promise for individuals and society. From convenience for consumers and > efficiency in commerce to improved public health and safety and > increased participation in democratic institutions, these technologies > can fundamentally transform our lives. > > At the same time these technologies pose threats to the ideals of a free > and open society. Personal privacy is increasingly at risk from invasion > by high-tech surveillance and eavesdropping. The myriad databases > containing personal information maintained in the public and private > sectors expose private life to constant scrutiny. > > Technological advances also enable new forms of illegal activity, posing > new problems for legal and law enforcement officials and challenging the > very definitions of crime and civil liberties. But technologies used to > combat these crimes can pose new threats to freedom and privacy. > > Even such fundamental notions as speech, assembly and property are being > transformed by these technologies, throwing into question the basic > Constitutional protections that have guarded them. Similarly, > information knows no borders; as the scope of economies becomes global > and as networked communities transcend international boundaries, ways > must be found to reconcile competing political, social and economic > interests in the digital domain. > > The Third Conference on Computers, Freedom and Privacy will assemble > experts, advocates and interested people from a broad spectrum of > disciplines and backgrounds in a balanced public forum to address the > impact of computer and telecommunications technologies on freedom and > privacy in society. Participants will include people from the fields of > computer science, law, business, research, information, library science, > health, public policy, government, law enforcement, public advocacy and > many others. > > > General Chair > ------------- > Bruce R. Koball > CFP'93 > 2210 Sixth Street > Berkeley, CA 94710 > 510-845-1350 (voice) > 510-845-3946 (fax) > bkoball(a)well.sf.ca.us > > Steering Committee > ------------------ > John Baker Mitch Ratcliffe > Equifax MacWeek Magazine > > Mary J. Culnan Peter G. Neumann > Georgetown University SRI International > > Dorothy Denning David D. Redell > Georgetown University DEC Systems Research Center > > Les Earnest Marc Rotenberg > GeoGroup, Inc. Computer Professionals > for Social Responsibility > Mike Godwin > Electronic Frontier Foundation C. James Schmidt > San Jose State University > Janlori Goldman > American Civil Liberties Union Barbara Simons > IBM > Mark Graham > Pandora Systems Lee Tien > Attorney > Lance J. Hoffman > George Washington University George Trubow > John Marshall Law School > Donald G. Ingraham > Office of the District Attorney Willis Ware > Alameda County, CA Rand Corp. > > John McMullen Jim Warren > NewsBytes MicroTimes & Autodesk, Inc. > > Simona Nass > Student - Cardozo Law School > > Affiliations are listed for identification only. > > > Pre-Conference Tutorials: > On Tuesday 9 March, the day before the formal conference begins, CFP'93 > is offering a number of in-depth tutorials on a wide variety of subjects > on four parallel tracks. These presentations will range from interesting > and informative to thought-provoking and controversial. The tutorials > are available at a nominal additional registration cost. > > Conference Reception: > Following the Tutorials on Tuesday evening, you are invited to meet new > and old friends and colleagues at an opening reception. > > Single Track Main Program: > The technological revolution that is driving change in our society has > many facets and we are often unaware of the way they all fit together, > especially the parts that lie outside of our own expertise and interest. > The primary goal of CFP'93 is to bring together individuals from > disparate disciplines and backgrounds, and engage them in a balanced > discussion of all CFP issues. To this end our main program, starting on > Wednesday 10 March, is on a single track enabling our attendees to take > part in all sessions. > > Registration is Limited: > CFP'93 registration will be limited to 550 attendees, so we advise you > to register as early as possible and take advantage of the early > registration discounts. > > Luncheons and Banquets: > A key component of the CFP conferences has been the interaction between > the diverse communities that constitute our attendees. To promote this > interaction CFP'93 is providing three luncheons and evening two banquets > with the cost of conference registration. > > EFF Pioneer Awards > All conference attendees are invited to the Awards Reception sponsored > by the Electronic Frontier Foundation (EFF) on Wednesday evening, 10 > March. These, the second annual EFF Pioneer Awards, will be given to > individuals and organizations that have made distinguished contributions > to the human and technological realms touched by computer-based > communications. > > Birds of a Feather Sessions: > CFP'93 will provide a limited number of meeting rooms to interested > individuals for special Birds of a Feather sessions after the formal > program each evening. These sessions will provide an opportunity for > special interest discussions that were not included in the formal > program and will be listed in the conference materials. For further > information contact CFP'93 BoF Chair: > > C. James Schmidt > University Librarian > San Jose State University > One Washington Square > San Jose, CA 95192-0028 > voice 408-924-2700 > voice mail 408-924-2966 > e-mail schmidtc(a)sjsuvm1.sjsu.edu > > > CFP'93 Featured Speakers: > > Nicholas Johnson > > Nicholas Johnson was appointed head of the Federal Communications > Commission by President Johnson in 1966, serving a seven year term. In > his role as commissioner, he quickly became an outspoken consumer > advocate, attacking network abuses and insisting that those who use the > frequencies under the FCC license are the public's trustees. He has been > a visiting professor of law at the College of Law at the University of > Iowa since 1981 and is currently co-director of the Institute for > Health, Behavior and Environmental Policy at the University of Ohio. > > Willis H. Ware > > Willis H. Ware has devoted his career to all aspects of computer > science--hardware, software, architectures, software development, public > policy and legislation. He chaired the "HEW committee" whose report was > the foundation for the Federal Privacy Act of 1974. President Ford > appointed him to the Privacy Protection Study Commission whose report > remains the most extensive examination of private sector record-keeping > practices. Dr. Ware is a member of the National Academy of Engineering, > a Fellow of the Institute of Electronic and Electrical Engineers, and a > Fellow of the American Association for Advancement of Science. > > John Perry Barlow > > John Perry Barlow is a retired Wyoming cattle rancher, a lyricist for > the Grateful Dead, and a co-founder of the Electronic Frontier > Foundation. He graduated from Wesleyan University with an honors degree > in comparative religion. He writes and lectures on subjects relating to > digital technology and society, and is a contributing editor of numerous > publications, including Communications of the ACM, NeXTworld, > MicroTimes, and Mondo 2000. > > Cliff Stoll > > Cliff Stoll is best known for tracking a computer intruder across the > international networks in 1987; he told this story in his book, "The > Cuckoo's Egg" and on a Nova television production. He is less known for > having a PhD in planetary science, piecing quilts, making plum jam, and > squeezing lumps of bituminous coal into diamonds. > > > CFP'93 Tutorials: > > Tuesday 9 March - Morning Tutorials > > Information Use in the Private Sector > Jack Reed, Information Resource Service Company > Diane Terry, TransUnion Corp. Dan Jones, D.Y. Jones & Assoc. > > This tutorial will deal with the use of personal information from the > point of view of some private sector information vendors and users. It > will include a discussion of the Fair Credit Reporting Act and the > "Permissible Purposes" for obtaining a consumer credit report. > Information used for purposes outside the FCRA will be discussed in > relationship to privacy and societal needs for businesses and > individuals. > > Access to Government Information: > James Love, Director, Taxpayer Assets Project > > The tutorial will examine a wide range of problems concerning citizen > access to government information, including how to ask for and receive > information under the federal Freedom of Information Act, what types of > information government agencies store on computers, what the barriers > are to citizen access to these information resources, and how citizens > can change government information policy to expand access to taxpayer- > funded information resources. > > Exploring the Internet -- a guided journey > Mark Graham, Pandora Systems Tim Pozar, Late Night Software > > This tutorial will give participants a practical introduction to the > most popular and powerful applications available via the world's largest > computer network, the Internet. There will be hands-on demonstrations > of communications tools such as e-mail, conferencing, Internet Relay > Chat, and resource discovery and navigation aids such as Gopher, WAIS, > Archie and World Wide Web. Extensive documentation will be provided. > > Constitutional Law for Non-lawyers (1/2 session): > Mike Godwin, Staff Counsel, Electronic Frontier Foundation > > This tutorial is designed to inform non-lawyers about the Constitutional > issues that underlie computer-crime and computer civil-liberties cases. > The tutorial focuses on the First and Fourth Amendments, but includes a > discussion of the Fifth Amendment and its possible connection to the > compelled disclosure of cryptographic keys. It also includes a > discussion of the appropriateness of "original intent" as a method for > applying the Constitution in the modern era. > > Civil Liberties Implications of Computer Searches & Seizures (1/2 ses.): > Mike Godwin, Staff Counsel, Electronic Frontier Foundation > > This tutorial assumes only a very basic knowledge of Constitutional law > (the prior tutorial provides an adequate background), and outlines how > searches and seizures of computers may raise issues of First and Fourth > Amendment rights, as well as of federal statutory protections. It > includes a discussion of what proper search-and-seizure techniques in > such cases may be. > > > Tuesday 9 March - Afternoon Tutorials > > Practical Data Inferencing: What we THINK we know about you. > Russell L. Brand, Senior Computer Scientist, Reasoning Systems > > What do your transaction trails reveal about you? Are you a good risk > to insure? Are you worth kidnapping, auditing or suing? Which products > should I target at you? Are you a member of one of those groups that I > would want to harass or discriminate against? This tutorial will be a > hands-on approach to digging for data and to piecing it back together. > Time will be divided between malicious personal invasions and sweeping > searches that seek only profit, followed by a brief discussion about > improper inferences and their practical impact on innocent files and > lives. Legal and moral issues will not be addressed. > > Telecommunications Fraud > Donald P. Delaney, Senior Investigator, New York State Police > > Illegal call sell operations in New York City are estimated to be a > billion dollar industry. This tutorial will provide an overview of the > problem, from finger hacking to pay phone enterprises, and will include > an up-to-date assessment of the computer cracker/hacker/phone phreak > impact on telephone company customer losses. Also discussed will be > unlawful access of telephone company switches; unlawful wiretapping and > monitoring; cards, codes and 950 numbers; New York State law and police > enforcement; methods of investigation and case studies. > > Private Sector Marketplace and Workplace Privacy > Ernest A. Kallman, Bentley College, H. Jeff Smith, Georgetown University > > This tutorial will give participants a general overview of privacy > issues affecting uses of personal information (e.g., medical > information, financial information, purchase histories) in the > marketplace as well as privacy concerns in the workplace (e.g., privacy > of electronic and voice mail, work monitoring). The tutorial will also > set the boundaries for privacy arguments in the middle and latter 1990s. > > SysLaw > Lance Rose, Attorney and Author "SysLaw" > > The SysLaw tutorial session will explore in depth the freedom and > privacy issues encountered by computer bulletin boards (BBS), their > system operators and their users. BBSs are estimated to number over > 45,000 today (not counting corporate systems), and range from small, > spare-time hobby systems to systems with thousands of users, grossing > millions of dollars. BBSs are a grassroots movement with an entry cost > of $1,000 or less, and the primary vehicles for new forms of electronic > communities and services. Subjects covered will include: First Amendment > protection for the BBS as publisher/distributor; data freedom and > property rights on the BBS; how far can sysops control BBS user > activities?; and user privacy on BBSs today. > > Note: Tutorial presenters will offer expert opinions and information. > Some may advocate particular viewpoints and thus may put their own > "spin" on the issues. Caveat Listener. > > > CFP'93 Main Program Sessions: > > Wednesday 10 March > > Electronic Democracy > Chair - Jim Warren, MicroTimes and Autodesk, Inc. > > The effects of computer and telecommunications technologies on > democratic processes and institutions are increasing dramatically. This > session will explore their impacts on political organizing, campaigning, > access to representatives and agencies, and access to government > information that is essential for a free press and an informed > electorate. > > Electronic Voting -- Threats to Democracy > Chair - Rebecca Mercuri, University of Pennsylvania > > This panel session will invite representatives covering a broad spectrum > of involvement with the controversial subject of electronic vote > tallying to address such issues as: Is a secure and reliable electronic > voting system feasible? What threats to these systems are identifiable? > Should electronic voting systems be open for thorough examination? Can > auditability be assured in an anonymous ballot setting? Can voting by > phone be practical and confidential? Did Congress exempt voting machines > from the Computer Security Act? > > Censorship and Free Speech on the Networks > Chair - Barbara Simons, IBM > > As online forums become increasingly pervasive, the notion of "community > standards" becomes harder to pin down. Networks and BBSs will link--or > create--diverse, non-geographic communities with differing standards, > laws, customs and mores. What may be frank discussion in one forum may > be obscenity or defamation or sexual harassment in another. This session > will explore the questions of what kinds of freedom-of-speech problems > face us on the Net and what kinds of legal and social solutions we need. > > Portrait of the Artist on the Net > Chair - Anna Couey, Arts Wire > > Computer forums and networks make possible both new artforms and new > ways of remote collaboration and exhibition. The growth of the Net > creates opportunities for the blossoming of dynamic and interactive > artforms and of artistic cultures -- provided that networks become > widely accessible and remain open to artistic expression without > political interference. This session will examine the potentials and the > problems of art and artists on the Net. > > > > Thursday 11 March > > Digital Telephony and Crypto Policy > Chair - John Podesta, Podesta and Associates > > The increasingly digital nature of telecommunications potentially > threatens the ability of law enforcement agencies to intercept them when > legally authorized to do so. In addition, the potential widespread use > of cryptography may render the ability to intercept a communication > moot. This session will examine these issues and the proposals that > have been put before Congress by law enforcement agencies to address > these perceived problems. > > Health Records and Confidentiality > Chair - Janlori Goldman, American Civil Liberties Union > > As the new Administration and Congress consider proposals to reform the > United States health care system, it is imperative that confidentiality > and security safeguards be put in place to protect personal information. > Currently, no comprehensive legislation exists on the confidentiality of > health information. This session will explore the current and potential > uses of health care information, and proposals to safeguard the > information. > > The Many Faces of Privacy > Chair - Willis Ware, Rand Corp. > > Privacy at any cost is foolish, unwise and an untenable position, and > privacy at zero cost is a myth. This two-part session will explore the > balancing act between the two extremes and the costs and benefits that > accrue. The first part will present several examples of systems and > applications in the public and private sectors that stake out a position > in this continuum. The second part will be a panel discussion > exploring the issues raised by the examples previously presented. > > The Digital Individual > Chair - Max Nelson-Kilger, San Jose State University > > We are all represented by personal records in countless databases. As > these records are accumulated, disseminated and coalesced, each of us is > shadowed by an ever larger and more detailed data alter-ego, which > increasingly stands in for us in many situations without our permission > or even awareness. How does this happen? How does it affect us? How will > it develop in the future? What can we do? This session will investigate > these questions. > > > Friday 12 March > > Gender Issues in Computing and Telecommunications > Chair - Judi Clark, Bay Area Women in Telecommunications > > Online environments are largely determined by the viewpoints of their > users and programmers, still predominantly white men. This panel will > discuss issues of freedom and privacy that tend to affect women -- such > as access, identity, harassment, pornography and online behavior -- and > provide recommendations for gender equity policies to bulletin board > operators and system administrators. > > The Hand That Wields the Gavel > Chair - Don Ingraham, Asst. District Attorney, Alameda County, CA > > An inevitable result of the settlement of Cyberspace is the adaptation > of the law to its particular effects. In this session a panel of > criminal lawyers addresses the fallout from a hypothetical computer > virus on the legal responsibilities of system managers and operators. > The format will be a simulated court hearing. Attendees will act as > advisory jurors in questioning and in rendering a verdict. > > The Power, Politics, and Promise of Internetworking > Chair- Jerry Berman, Electronic Frontier Foundation > > This session will explore the development of internetworking > infrastructures, domestically and worldwide. How will this > infrastructure and its applications be used by the general public? What > will the global network look like to the average user from Kansas to > Kiev? How will politics, technology and legislation influence the > access to, and cost of, the Net? How can the potential of this powerful > medium be fully realized? > > International Data Flow > Chair - George Trubow, John Marshall Law School > > The trans-border flow of information on international computer networks > has been a concern for governments and the private sector. In addition > to concerns for privacy and data security, the economic and national > security implications of this free flow of information among scientists, > engineers and researchers around the world are also cause for concern. > This session will assemble a number of speakers to compare the various > perspectives on the problem > > > > Some of the Speakers in the CFP'93 Main Program: > > Phillip E. Agre, Dept. of Communication, Univ. of California, San Diego > Jonathan P. Allen, Dept. of Information & Computer Science, > University of California, Irvine > Sheri Alpert, Policy Analyst, author: "Medical Records, Privacy, and > Health Care Reform" > William A. Bayse, Assistant Director, Federal Bureau of Investigation > William Behnk, Coordinator, Legislative Information System, State of > California > Paul Bernstein, Attorney > Kate Bloch, Hastings College of the Law > Anita Borg, DEC Network Systems Lab > Richard Civille, Computer Professionals for Social Responsibility > Roger Clarke, Reader in Information Systems, Department of Commerce, > Australian National University > Dorothy Denning, Chair, Computer Science Department, Georgetown > University > Janet Dixon, Stanford Linear Accelerator Center > Robert Edgar, Simon and Schuster Technology Group > Kathleen Frawley, American Health Information Management Association > Emmanuel Gardner, District Manager, Government Affairs, AT&T > Mike Godwin, Staff Counsel, Electronic Frontier Foundation > Joe Green, University of Minnesota > Sarah Grey, Computer Department, We The People, Brown presidential > campaign organization (invited) > Will Hill, Bellcore > Carl Kadie, Co-editor, Computers and Academic Freedom News newsletter > Mitch Kapor, Chairman, Electronic Frontier Foundation > David Lewis, Deputy Registrar, Department of Motor Vehicles, > Commonwealth of Massachusetts > James Love, Director, Taxpayers Assets Project > Judy Malloy, Associate Editor, Leonardo Electronic News > Irwin Mann, Mathematician, New York University > David McCown, Attorney > Rob Mechaley, Vice President, Technology Development, McCaw Cellular > Communications, Inc. > Robert Naegele, Granite Creek Technology Inc., Voting Machine Examiner, > consultant to NY State > Barbara Peterson, Staff Attorney, Joint Committee on Information > Technology Resources, Florida Legislature > Jack Reed, Chairman, Information Resource Service Company > Virginia E. Rezmierski, Assistant for Policy Studies to the Vice > Provost for Information Technology, University of Michigan > Jack Rickard, Editor, Boardwatch Magazine > Randy Ross, American Indian Telecommunications > Roy Saltman, National Institute of Standards and Technology > Robert Ellis Smith, Publisher, Privacy Journal > David Sobel, Computer Professionals for Social Responsibility > Ross Stapleton, Research Analyst, Central Intelligence Agency > Jacob Sullum, Associate Editor, Reason Magazine > Greg Tucker, Coordinator, David Syme Faculty of Business, > Monash University, Australia > Joan Turek-Brezina, Chair, Health and Human Services Task Force on > Privacy of Private-Sector Health Records > > > Registration: > Register for the conference by returning the Conference Registration > Form along with the appropriate payment. The registration fee includes > conference materials, three luncheons (Wednesday, Thursday and Friday), > two banquet dinners (Wednesday and Thursday) and evening receptions > (Tuesday, Wednesday and Thursday). Payment must accompany registration. > > Registration Fees are: > If mailed by: 7 February 8 March on site > Conference Fees: $300 $355 $405 > Tutorial Fees: $135 $165 $195 > Conference & Tutorial $435 $520 $600 > > Registration is limited to 550 participants, so register early and save! > > By Mail: By Fax: > (with Check or Credit Card) (with Credit Card only) > CFP'93 Registration Send Registration Form > 2210 Sixth Street (510) 845-3946 > Berkeley, CA 94710 Available 24 hours > > By Phone: By E-Mail: > (with Credit Card only) (with Credit Card only) > (510) 845-1350 cfp93(a)well.sf.a.us > 10 am to 5 pm Pacific Time > > CFP'93 Scholarships: > The Third Conference on Computers, Freedom and Privacy (CFP'93) will > provide a limited number of full registration scholarships for students > and other interested individuals. These scholarships will cover the full > costs of registration, including three luncheons, two banquets, and all > conference materials. Scholarship recipients will be responsible for > their own lodging and travel expenses. Persons wishing to apply for one > of these fully-paid registrations should contact CFP'93 Scholarship > Chair, John McMullen at: mcmullen(a)mindvox.phantom.com > > Hotel Accommodations: > The Third Conference on Computers, Freedom and Privacy will be held at > the San Francisco Airport Marriott Hotel in Burlingame, CA. This > facility is spacious and comfortable, and is easily accessible from the > airport and surrounding cities. Because of the intensive nature of the > conference, we encourage our attendees to secure their lodging at the > conference facility. Special conference rates of $99/night, single or > multiple occupancy, are available. Our room block is limited and these > conference rates are guaranteed only until 9 February 1993, so we urge > you to make your reservations as early as possible. When calling for > reservations, please be sure to identify the conference to obtain the > conference rate. Hotel Reservations: (415) 692-9100 or (800) 228-9290. > > Refund Policy: > Refund requests received in writing by February 19, 1993 will be > honored. A $50 cancellation fee will be applied. No refunds will be made > after this date; however, you may send a substitute in your place. > > Registration Form > > Name (Please print):__________________________________________________ > > Title:________________________________________________________________ > > Affiliation:__________________________________________________________ > > Mailing Address:______________________________________________________ > > City, State, Zip:_____________________________________________________ > > Country:______________________________________________________________ > > Telephone:_____________________________Fax:___________________________ > > E-mail:_______________________________________________________________ > > Privacy Locks: > We will not sell, rent, loan, exchange or use this information for any > purpose other than official Computers, Freedom and Privacy Conference > activities. A printed roster will be distributed to attendees. Please > indicate the information you wish to be excluded from the roster: > __Print only name, affiliation and phone number > __Print name only > __Omit all information about me in the roster > > Registration Fees (please indicate your selections): > If mailed by: 7 February 8 March on site > Conference Fees: $300__ $355__ $405__ > Tutorial Fees $135__ $165__ $195__ > Conference & Tutorial $435__ $520__ $600__ > > If you have registered for the Tutorials, select one from each group: > 9:00 AM - 12:00 Noon > __Information Use in Private Sector > __Constitutional Law for Non-lawyers & Civil-liberties > Implications of Computer Searches and Seizures > __Access to Government Information > __Exploring the Internet > > 1:30 PM - 4:30 PM > __Practical Data Inferencing: What we THINK we know about you. > __Telecommunications Fraud > __Private Sector Marketplace and Workplace Privacy > __SysLaw > > Payments: Total Amount____________ > > Please indicate method of payment: __Check (payable to CPF'93) > (payment must accompany registration) __VISA > __MasterCard > > Credit card #______________________________Expiration date____________ > > Name on card__________________________________________________________ > > Signature_____________________________________________________________ > > -- Yanek Martinson mthvax.cs.miami.edu!safe0!yanek uunet!medexam!yanek this address preferred -->> yanek(a)novavax.nova.edu <<-- this address preferred Phone (305) 765-6300 daytime FAX: (305) 765-6708 1321 N 65 Way/Hollywood (305) 963-1931 evenings (305) 981-9812 Florida, 33024-5819

1 0