On Fri, 11 Jul 1997, Tim May wrote:
(I changed the message name, as it appeared to be entirely too many lines! :-})
I accidently pasted the whole message into the subject line. Netscape does not show anything beyond the first line, so it went unnoticed until after I sent it. Oh well...
At 5:26 PM -0700 7/11/97, Alan Olsen wrote:
McCain Open to Key Recovery Alternative
by Rebecca Vesely
McCain said he met with Microsoft representatives recently to discuss a new technology being developed by the software giant that could be less intrusive and problematic than key recovery. The senator also said he plans to meet with Netscape officials next week to discuss yet another alternative.
This is something we should watch _very_ closely!
I agree. The article seemed to imply that both Microsoft and Netscape were falling all over each other trying to come up with gak-like alternatives to key recovery. I wonder what Tom Weinstien can tell us about that... (He has been a bit quiet lately... Too quiet.)
I cannot imagine any solution acceptable to statists like McCain, Kerrey, Swinestein, Clinton, Freeh, and all the others that would even remotely be acceptable to anyone who cherishes liberty.
Neither can I. They seem to think they have the right and responsibility to dictate the morals and thoughts of others. I wonder what the public response would be if this were a set of laws about opening and recording the contents of snail-mail? Or sending mail in envelopes that cannot be opened without detection... (Judging by the current cluelessness of the general public, not much.)
The extreme danger is that the McCain-Kerrey bill was just so plain terrible that it is being used as a bargaining chip to get a "compromise." And that compromise could be fed by helpful, hopeful corporate spinmeisters.
The danger is that the work MS was doing a few years ago on key recovery could be made part of the basis of the "new industry compromise." I had hoped this had died when Chairman Gates came out so strongly against key escrow and GAK in his book.
Anything to make a buck. Check out Microsoft's crypto API sometime. There are all sorts of little hooks to enforce the export regs and make strong crypto difficult. (Best using another library all together as far as I am concerned. Especially since they seem to change the API every other month.)
(The recent discussion of "collective contracts," where an industry-government deal binds us all, is timely.)
The ties that bind... or choke...
Just two days ago, at a Senate Judiciary Committee hearing on the bill, FBI director Louis Freeh testified on the need for mandatory domestic key recovery, and some senators on the committee, notably the chairman, Orrin Hatch (R-Utah), seemed to agree that some sort of domestic key recovery is needed to allow law enforcement to wiretap suspect digital communications and transactions.
The ground is shifting rapidly from "we need a law to recapitulate Americans' right to strong crypto" (Pro-CODE) to "we need key recovery in exported products and when government networks are involved" (McCain-Kerrey) to "some sort of domestic key recovery is needed" (Freeh-Hatch-Pol Pot).
Actually I think that Freeh is being the most honest of the whole bunch. I don't think any of them believe in free speech for the masses. (For them, yes. For everyone else, no.) Freeh just has enough of a spin and created "crisis" for him to get away with it. And with the new "Child Porn Epedemic"... It makes me wonder if "Operation Looking Glass" has moved to the net. (Covertly, of course.) alano@teleport.com | "Those who are without history are doomed to retype it."