I have obtained the OECD draft crypto guidelines from:

  http://www.quintessenz.at/Netzteil/OECD/index.html

where they are a Word 6 file. I have converted them to HTML and put them at:

  http://www.ozemail.com.au/~firstpr/crypto/oecd_dr.htm

This is probably not the absolute latest draft, but it is the best I can get.

I think there is a lot of good material here, but they still seem wedded to the idea of key-recovery or some other means of governments accessing plaintext or keys. They seem to assume there will always be a copy of the key around the place somewhere. In general, in the future cryptographic exchanges will use fresh key-pairs for each session, so not even the user can get a copy of the private key. Maybe key-recovery techniques are designed to cope with this, but the question is why would anyone want to use such a system other than that the government (and some corporations aligned with the government) want them to?

There is no reason why ordinary or criminal users should be interested in key recovery/escrow, or weakened key-spaces - what they need is simple to use, totally secure, end-to-end encryption. The whole aim is to make a bulletproof secure pipe that doesn't depend on any other data, technology or administrative actions.

The draft guidelines have my comments at the start, including a suggested rewording of paragraph 88, which currently states that crypto systems *should* provide for lawful access to the plaintext/key.

The OECD people do not seem to have considered the fact that criminals will wrap their material in a crypto system they can trust before putting it through the government-mandated system that they don't trust. My comments include a more detailed discussion of this argument, particularly in the situation where criminals are communicating with non-criminals.

In a nutshell, how is all the cost, risk, doubt and complication of key escrow/recovery etc. justified by its benefits for serious crime prevention/deterrence, when the great majority of criminals and a large number of ordinary private and commercial users will be applying their own strong encryption first?

Does anyone know of writing that specifically tackles this question? This is a separate question from those about whether governments can be trusted, or about absolute rights to privacy etc. It is simply a cost/benefit analysis. To me the benefits for reducing serious crime seem slim indeed and the costs - not least the general feeling that people may be using daily a system specifically designed for tapping their communications - seem to be very high.

- Robin

Robin Whittle                     http://www.ozemail.com.au/~firstpr
                                  firstpr@ozemail.com.au
11 Miller St. Heidelberg Heights 3081 Melbourne Australia
Ph +61-3-9459-2889  Fax +61-3-9458-1736
Consumer advocacy in telecommunications, especially privacy

First Principles - Research and expression - music, music industry,
telecommunications, human factors in technology adoption.

Real World Interfaces - Hardware and software, especially for music
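The post's point that per-session key pairs leave no private key for anyone to hand over is the forward-secrecy property of ephemeral Diffie-Hellman. The following is an added, self-contained illustration written for this page; it is not code from the OECD draft or from Robin Whittle. It uses the RFC 3526 group 14 parameters (validated as a safe prime in the block before use), a shared long-term authentication key as a stand-in for the signing key an escrow scheme could hold a copy of, and assumed names (Party, run_session, escrow_view) of its own. The long-term key only authenticates the handshake; the session key is derived from exponents that both sides discard as soon as the handshake completes, so the handshake transcript plus an escrowed copy of the long-term key lets a third party confirm who talked, but not read what they said.

```python
"""Per-session (ephemeral) Diffie-Hellman: the private exponent is created
for one handshake and deleted afterwards, so no copy exists to escrow.
Added example, not part of the original post."""
import hashlib
import hmac
import secrets

# RFC 3526 group 14: 2048-bit MODP prime, generator 2.  validate_group()
# checks that it really is a safe prime before the example relies on it.
P_HEX = (
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E088A67CC74"
    "020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B302B0A6DF25F1437"
    "4FE1356D6D51C245E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED"
    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3DC2007CB8A163BF05"
    "98DA48361C55D39A69163FA8FD24CF5F83655D23DCA3AD961C62F356208552BB"
    "9ED529077096966D670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B"
    "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
    "3995497CEA956AE515D2261898FA051015728E5A8AACAA68FFFFFFFFFFFFFFFF"
)
P = int(P_HEX, 16)
Q = (P - 1) // 2          # prime order of the subgroup generated by 2
G = 2
NBYTES = 256              # 2048-bit values serialised big-endian


def is_probable_prime(n: int, rounds: int = 8) -> bool:
    """Miller-Rabin with random bases (enough to catch a mistyped constant)."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % small == 0:
            return n == small
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def validate_group() -> bool:
    """True when P is a safe prime, i.e. both P and (P-1)/2 are prime."""
    return is_probable_prime(P) and is_probable_prime(Q)


def _tag(auth_key: bytes, public: int) -> bytes:
    # Long-term key authenticates handshake values only (stand-in for a
    # signature); it never encrypts traffic, so escrowing it buys no plaintext.
    return hmac.new(auth_key, public.to_bytes(NBYTES, "big"), hashlib.sha256).digest()


class Party:
    """One endpoint.  auth_key is long-term; _x exists only during a handshake."""

    def __init__(self, name: str, auth_key: bytes):
        self.name = name
        self.auth_key = auth_key
        self._x = None
        self.session_key = None

    def start_session(self):
        self._x = secrets.randbelow(Q - 1) + 1      # fresh exponent in 1..Q-1
        public = pow(G, self._x, P)
        return public, _tag(self.auth_key, public)

    def finish_session(self, peer_public: int, peer_tag: bytes) -> bytes:
        if not hmac.compare_digest(_tag(self.auth_key, peer_public), peer_tag):
            raise ValueError("handshake value not authenticated")
        # Reject values outside the prime-order subgroup (small-subgroup check).
        if not 1 < peer_public < P - 1 or pow(peer_public, Q, P) != 1:
            raise ValueError("peer value outside the prime-order subgroup")
        shared = pow(peer_public, self._x, P)
        self.session_key = hashlib.sha256(
            b"session|" + shared.to_bytes(NBYTES, "big")).digest()
        self._x = None    # deliberately discarded: nothing left to recover later
        return self.session_key

    def ephemeral_private_retained(self) -> bool:
        return self._x is not None


def run_session(auth_key: bytes):
    """One authenticated ephemeral exchange; also returns the on-the-wire
    transcript that an interceptor or escrow agent would be left holding."""
    alice, bob = Party("Alice", auth_key), Party("Bob", auth_key)
    pub_a, tag_a = alice.start_session()
    pub_b, tag_b = bob.start_session()
    key_a = alice.finish_session(pub_b, tag_b)
    key_b = bob.finish_session(pub_a, tag_a)
    transcript = {"pub_a": pub_a, "tag_a": tag_a, "pub_b": pub_b, "tag_b": tag_b}
    return alice, bob, key_a, key_b, transcript


def escrow_view(transcript: dict, auth_key: bytes) -> dict:
    """What the escrowed long-term key plus the transcript yields: the
    handshake can be confirmed genuine, but the session key depends on an
    exponent neither party kept, so there is nothing to compute it from."""
    authenticated = all(
        hmac.compare_digest(_tag(auth_key, transcript[p]), transcript[t])
        for p, t in (("pub_a", "tag_a"), ("pub_b", "tag_b")))
    return {"handshake_authenticated": authenticated, "session_key": None}


if __name__ == "__main__":
    assert validate_group()
    auth = secrets.token_bytes(32)
    a, b, ka, kb, tr = run_session(auth)
    print("session keys agree:", ka == kb)
    print("exponents retained:", a.ephemeral_private_retained(), b.ephemeral_private_retained())
    print("escrow view:", escrow_view(tr, auth))
```

The subgroup check in finish_session matters in any real deployment: without it a peer can send a value of small order and force the shared secret into a handful of possibilities. The key-derivation step is a single SHA-256 over the shared secret, which is adequate for the illustration; a production protocol would use a proper KDF with transcript binding.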