Can we get the text of the actual speech? Unless Netscape officially issues a statement on their home page, and as a press release, saying that the press coverage was wrong and Netscape is *against* any and all forms of GAK, then I think we should assume that Netscape official position is in favor of GAK, and speak out about it as such. It is very damn close to the wire. Even though the speech may have been misreported, it is the reporting that affects public opinion. Even if Netscape has no current products or plans to release products implementing GAK, in light of this press coverage, unless they issue a statement saying they are against GAK, then they are for GAK. I haven't given up on Netscape, yet-- I'm waiting for an official word. Jeff: If Netscape comes out in favor of GAK, will you leave? (Wait until February, at least, of course..) You don't have to answer that to me, or the list, just think about it, and answer it for yourself. Do you think "anyone else" there would leave, as you say below that they don't want to go down history, etc...
sameer wrote:
http://www.cnet.com/Central/News/govt.html
Bad. Very Bad. And I was almost starting to like Netscape.
Please don't give up on us yet. All press accounts I've read so far have lots of stuff attributed to Jim, but very little of it is actual quotes. There appears to be lots of paraphrasing and interpretation being done on the part of the reporters. The impression that I'm getting is that the press has blown a couple of small sound bites way out of proportion. The infoworld article that covers the same speech only devotes about 20% of the article to the key escrow topic, and is similarly devoid of actual quotes.
I have not spoken to Jim about this, and I did not hear the talk myself, so I'm mostly reading between the lines here. After I saw the story earlier today I started asking around to see if the company had made any major policy shift in the direction of GAK, and wasn't able to turn up anything. If anything its the opposite.
My feelings about key escrow, which were echo'd by several folks in management when I spoke to them today are:
o Government mandated escrow would be a bad thing o There are some settings where escrow is good, in the corporate setting, or as a matter of person choice(to protect against loss of password) o The whole issue of escrow should be de-coupled from the export issue
I don't want to go down in history as a facilitator of the totalitarian state, and I don't think anyone else here does either. I hope folks wait for press releases, product announcements, etc. before condemning us too much. Jim has made comments in the past that were quoted out of context, and blown way out of proportion to the point that some people believed that we were monitoring our user's every keystroke and sending it all back to the home office to generate huge demographic databases. I suspect that this is the same sort of thing, and I hope everyone will judge us by what we do.
--Jeff
PS - you won't find a LEF in the soon to be released SSL Version 3 spec...
-- Jeff Weinstein - Electronic Munitions Specialist Netscape Communication Corporation jsw@netscape.com - http://home.netscape.com/people/jsw Any opinions expressed above are mine.
-- sameer Voice: 510-601-9777 Community ConneXion FAX: 510-601-9734 The Internet Privacy Provider Dialin: 510-658-6376 http://www.c2.org/ (or login as "guest") sameer@c2.org