NSA doesn't seem particularly distressed that Clipper's LEAF can be spoofed and rendered unusable. Could this indicate that the LEAF isn't really necessary to retrieve the session key after all?
Not necessarily. First of all, why would the NSA let it be known if they are distressed? I'm amazed that they have started talking to the public at all! Secondly, what do they hope to achieve with this whole Clipper thing? Given that they are aware that strong crypto exists and is publicly available around the world, what can they gain by pushing Clipper? Is it some type of political influence in the U.S. that they'll get by winning this round, or do they want the ability to spy on ordinary civilian and U.S. government activity, or what? Whatever it is, if it isn't hurt by people having PGP available, it isn't hurt by the small number of people who would spoof LEAFs. As I read the official pronouncements of representatives of the U.S. government and especially the NSA, I can't figure out what they do hope to achieve. Can anyone else on this list make sense of it? -- sidney markowitz <sidney@taurus.apple.com>