At 4:11 PM -0700 10/22/96, Jeff Weinstein wrote:
John Young wrote:
10-17-96, BuWi:
"Apple, IBM, JavaSoft, Motorola, Netscape, Nortel, Novell, RSA, and Silicon Graphics Announce PICA Crypto-Alliance"
The PICA specification will also be designed to make the task of developing differing domestic and exportable security requirements much easier. [GAK alliance 2.]
John, I think you are misreading the intent here. By making it easier to develop separate domestic and exportable versions of a product, we foil the government's attempt to force weak domestic encryption because it is too much work to maintain two different versions.
Thwarting the True Intent of GAK by ensuring that domestic crypto is completely unhampered, unhindered, unlimited, and unGAKked is terribly important. A year or so ago, when Netscape folks issued assurances that the "relative convenience" of having one "world version" would not be the determining factor, and that Netscape would have two versions (times the number of platforms they support), was an incredibly positive development. (And Bill Gates, of the Evil Microsoft, had already isssued scathing denunciations of key escrow and mandatory crypto, so MS was already effectively in our camp.) So, if PICA helps this (along with the Elites Alliance, a rival type), more power to them. I wouldn't be surprised if the Feds try to exert pressure on them to change this purpose that Jeff W. describes. Government will realize that industry consortia are a way to "build consensus" on getting GAK built in to even domestic products. (The renaming of Clipper/Tessera/etc. to key escrow and then to "key recovery" is essential to this strategy....got to convince U.S. software companies that Mr. Policeman is Our Friend...not an easy sell.) But I wonder if the PICA Alliance will be allowed to pursue this "dual strength strategy." Mightn't it be a violation of the ITARs merely to _conspire_ to keep domestic crypto unhindered and strong? (:-} for the :-}-impaired.) Though this is preaching to the choir, it's imperative that Netscape, Microsoft, and the Other Minor Players remain committed to _never_ compromising the security of _domestic_ products....Europe and Asia will have to take of themselves, as the true battle always has and always will be about the U.S. government's desire to surveil us and tap our communications at will. (Anyone who doubts this should reread the recent comments of Janet Reno, Louis Freeh, Jamie Gorelick, and all the others talking about the need to read the communications of criminals and suspected criminals. The real goal is to head off crypto anarchy, as the summary by Black Unicorn made clear just a day or two ago.) --Tim May "The government announcement is disastrous," said Jim Bidzos,.."We warned IBM that the National Security Agency would try to twist their technology." [NYT, 1996-10-02] We got computers, we're tapping phone lines, I know that that ain't allowed. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1,257,787-1 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."