Tim writes in the summary of Saturday's meeting:
Jim Bidzos, President of RSA Data Security, intended to just speak briefly about the Clipper Chip, Capstone, and the view of RSA, but ended up staying and participating for several hours. Mike Godwin, of EFF, was present at the Boston (I think) site.
Definitely at the Boston (Cambridge) site.
It appears the Clipper/Capstone program is initially intended to "buy market share" as quickly as possible, with government offices requiring Clipperphones (and probably for those they do business with). Perhaps the intent is undercut competing models and make Clipper the de facto standard, which can then be made the de jure standard.
I am very sceptical that the "market share" strategy is the whole strategy here. I think that while some proponents of Clipper may believe this is the strategy, DOJ hopes that widespread adoption of Clipper will mute any opposition to subsequent limitations on other encryption methods.
John Gilmore has already posted to the list the results of our brainstorming session to come up with questions to ask the FBI, NIST, NSA, Congress, and the Administration. Mike Godwin argued that a lot of embarrassing questions could quickly derail the plan.
Let me clarify: I argued that asking tough questions could either force to the government to reveal its hand or pin the government down to a statement it would later have to admit was false.
That is, it's conceivable this plan could begin to unravel fairly soon.
We can only hope.
Whit Diffie described how the failure could either so greatly embarrass the Administration that they'd be loathe to try it again (the Viet Nam Syndrome, applied to crypto) or that it could provoke them to tighten restrictions even further, perhaps even to the point of an outright ban on the use of unapproved encryption at *any* level.
I believe this is precisely the reason we want to make powerful encryption ubiquitous as soon as possible. And doing this is one of the reasons I mentioned my hope for an eventual rapprochment between Jim Bidzos and Phil Zimmerman. Regardless of past disagreements, these two have a common cause now, and we should strive to find a way to quell further public disagreement and resolve as many differences as possible.
* Since Jim Bidzos was there, the topic of PGP naturally came up several times. Eric Hughes let this run for a while, then moved the discussion back to Clipper. Jim Bidzos clearly had some strong opinions, but also did not want this to be the forum for debating patents and the legality and ethics of PGP.
Another clarification: in response to a comment I made at the meeting, Jim spoke at length about the validity of the RSA patent and about the validity of his company's procedures. I want Jim and others to understand that what I'm saying here should not be interpreted as an attack on Jim's business strategy. I know that Jim is so used to being criticized about the patent that he has standard responses to those criticisms, but I hope it's clear that I wasn't criticizing him.
Some of us continue to hope some accommodation can be reached between RSA Data and the PGP community. The upcoming battle over strong crypto is a bigger issue than this squabble.
Yes, yes, yes. --Mike