It appears that (from the responses I have gotten on why there are key length limits at all on escrowed encryption) I am not forgetting anything obvious. So why is no one seriously questioning why this limit has to be there for key escrow? One suggestion was: the NSA does not completely trust key escrow. But if the NSA (who should know all the inner secrets of it) cannot completely trust key escrow, then why should WE trust key escrow? Obviously, the implication is that brute force (or "near brute force") methods WILL be used against encrypted transactions. So in the best case, there is some lower strata of law enforcement who are only allowed to use the escrowed path to intercept, but there is also some upper strata of law enforcement (presumably some anti-terrorist or national security section of ATF or FBI or CIA or Secret Service) who will be allowed to use such super-duper cracking methods to achieve their goals (assuming their goals are good). But, if the best case happens, then we're all Ozzie and Harriet (or Archie and Edith), and we should be in a love fest with the government. Obviously we don't competely and blindly trust our government. So why do we allow the NSA to get away with such a policy? "Here is something you can use. We can't completely trust it but it should be good enough for you folks." Ern