-----BEGIN PGP SIGNED MESSAGE----- At 03:25 PM 7/18/97 -0700, Steve Schear wrote:
At 1:36 PM -0700 7/18/97, Lizard wrote:>Frankly, I find it mildly
amusing no one has asked the Congressional defenders of key escrow, point blank, "What safeguards do you have against keys falling into the hands of the next Ames?" Who watches the watchmen?
Why not go one step further and get the strong crypto supporters in the Senate to tack on an ammendment to the McCain-Kerrey-bill forcing the FBI and our most secret security agencies to use the very same government/industry escrow entitites (but not any of the intelligence organizations themselves) for all their encrypted data storage and communications traffic and requiring regular GOA compliance reviews.
If you want to diddle with GAK provisions to make them just a little more palatable (honey to make the pill go down?), I prefer my old one from 1993 (and 4 and 5 and 6 ...). Have the key split 12 ways, by XOR, so you need all 12, all have to agree the desire is justified and all can do whatever they want with the information that the key request came in and was or was not satisfied (by them): 1) ACLU 2) NRA 3) Republican Nat'l Committee 4) Democratic Nat'l Committee 5) N Y Times 6) Washington Post 7) Christian Coalition 8) Libertarian Party 9) FBI 10) NSA 11) Speaker of the House of Representatives 12) U S Supreme Court Deliver requests by US Postal Service. Have each session key released individually (by having the sender split the session key 12 ways and encrypt each piece under the public key of a different agency listed above). All requests include the name of the target and the reason for the suspicion. Since all the above can be trusted, there will be no compromise of law enforcement objectives. - Carl -----BEGIN PGP SIGNATURE----- Version: PGP for Personal Privacy 5.0 Charset: noconv iQCVAwUBM9AdCVQXJENzYr45AQGVPgP+LULZPUSQB+xOm8nv5RfNCnAPy3XgK4vR rSxTuVw2kS/xVSb/gKNNfA5E4Eb+B/2H9zylfOe8Sz3ki5kWoP0xJvXhNIikNFb4 +fTJFClfWbONYag01kLQRjYiXvcVN+T6oH4s8490R2rgTpRebSG5opPMLaBTSpI8 R292Uw4719c= =4+Ph -----END PGP SIGNATURE----- +------------------------------------------------------------------+ |Carl M. Ellison cme@cybercash.com http://www.clark.net/pub/cme | |CyberCash, Inc. http://www.cybercash.com/ | |207 Grindall Street PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 | |Baltimore MD 21230-4103 T:(410) 727-4288 F:(410)727-4293 | +------------------------------------------------------------------+