tcmay@got.net (Timothy C. May) writes: The question I have is this: Why is the Justice Department even involved at all if it is truly only about _commercial_ key escrow?
DoJ is involved because industry didn't buy into Clipper-type GAK, and the FBI still wants to be able to read encrypted files, as well as encrypted phone conversations if they ever turn up. The White House is willing to help, but not to the extent of making GAK mandatory. However, they (WH and FBI) are hopeful that forcing either GAK or weak encryption on the export market will encourage companies to build single systems that they can both export and sell domestically, which would make the domestic ones weak or GAKed as well. DoJ is involved with the commercial escrow because they (or NIST or somebody) expect to be certifying the export escrow companies, which they hope will be the same operations. As a data point, Dorothy Denning is increasingly pessimistic that this plan will in fact result in the same weak or escrowed system being used domestically; if it doesn't, that presumably triggers Louis Freeh to head back to the Hill for more legislation. I don't know what they intend to do about PGP-like systems, but I suspect that's a second-order concern; the first-order concern must be avoiding the situation where Microsoft builds unGAKed 3DES into Word. Jim Gillogly Trewesday, 25 Winterfilth S.R. 1995, 02:51