-----BEGIN PGP SIGNED MESSAGE----- In <v0310280db03200b3cc75@[207.167.93.63]>, on 09/02/97 at 10:51 AM, Tim May <tcmay@got.net> said:
At 10:12 AM -0700 9/2/97, Ray Arachelian wrote:
Uh huh, yeah, we'll be getting the NSA to review security... Joy. I can see it now. "Single DES is very safe. 40 bit keys are more than enough..." Even with Bruce on this, it doesn't warm my trust to them...
Now, Ray, you're being too harsh. When NSA/NIST sought the analysis of Clipper/Tessera several years ago, the distinguished panel met for a weekend in a D.C. area hotel and concluded...drum roll...that Clipper/Tessera was secure.
Of course, Matt Blaze broke the Tessera version a few months later....
NSA has long had a dual mission. SIGINT and COMINT to break enemy messages, and COMSEC to help ensure national security through strong crypto. Code breakers and code makers.
For government uses, this has worked pretty well, most of us would agree. ICBM launch codes are apparently secure, submarines can communicate securely, etc. (Please don't chime in with anecdotes about Walker.)
Some believe they have a role in helping industry to secure its communications. I don't agree. The NSA has no business getting involved in business. Period.
NIST (formerly NBS, of course) may have a role, but I doubt even this.
I do not see how NIST could have any role in the private sector as long as they maintain their cozy relationship with the government especially the NSA. - -- - --------------------------------------------------------------- William H. Geiger III http://www.amaranth.com/~whgiii Geiger Consulting Cooking With Warp 4.0 Author of E-Secure - PGP Front End for MR/2 Ice PGP & MR/2 the only way for secure e-mail. OS/2 PGP 2.6.3a at: http://www.amaranth.com/~whgiii/pgpmr2.html - --------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: 2.6.3a Charset: cp850 Comment: Registered_User_E-Secure_v1.1b1_ES000000 iQCVAwUBNAxSAY9Co1n+aLhhAQH/dwP7BATbMQ8Y5/muQ2jj7XtIk8Aty6XggaAm BC2FDwjcsWGSgj+y9jMJaHumnKbMXBtX6zZtzCWE/I6PmRD6t2vRnRwQFu/dRk1D zPTVlIq5W54fFsESVJn36tO4BgcI+IxZx/j2K7wUwkpCMSq6aXBoNqs44bTgPPzr q0+i/It0SHI= =he6z -----END PGP SIGNATURE-----