Some notes on the D. Denning article on Clipper in Sigma Xi American Scientist, July-August, vol 81 p. 319-323. Essentially almost nothing new for people who have tracked the debate on the Internet. Some tiny scraps at the end. This is a sort of `Scientific American' article on the Clipper chip. Apparently it was written before the switch to the Skipjack moniker, although under the photo caption of the chip it states `The name `Clipper Chip' should not be confused with Integraph Corperation's microprocessor.' The article begins by noting that cryptography is as ancient as Julius Caesar and the Gallic Wars. Clinton's Clipper and Capstone as a `new government standard for encryption.' Short blurb on public key cryptosystems a la Diffie & Hellman and RSA in mid 1970s, `a turning point in the development of modern cryptosystem.' (Madam, it is a revolution.) DES in 1977 by IBM `with advice from the National Security Agency.' Mentions PEM as example of `growing interest in strong cryptosystems that protect unclassified, private-sector telecommunications and computer data.' Next, the AT&T Model 3600 Telephone Security Device, which used the DES chip that `illustrates the basic issues--some technical and some societal--involved in securing voice communcations.' Denning says the key exchange algorithm in the phone is `proprietary' but gives the Diffie Hellman math as example. Then we hear of Omnibus Crime Control and Safe Streets Act of 1968 that limits electronic surveillance, including wiretapping, to be `conducted lawfully only by law-enforcement agencies that are authorized with a court warrant, and then only for serious criminal activities in which other means of gathering evidence have failed, are likely to fail or are too dangerous.' `This act prohibits surveillance in other cases such as political discourse. The law provides a practical basis for safeguarding privacy rights while allowing legitimate criminal investigations. In applies only to federal investigations; two-thirds of the states have their own laws that govern local surveillance activities.' `Officials in the Dept. of Justice have become concerned that the increasing use of digital encoding and the success of public cryptography may make it impossible to intercept or understand criminal communications. The AT&T telephone device added urgency to that concern.' Hm, even the Clipper announcement didn't note any `concern'... Then, Clipper was `proposed' by Clinton administration to (1) secure telephone conversations, (2) preserve law-enforcement capability to `legally intercept the telephone conversations of suspected criminals' (wow, finally a word like `suspected' or `reputed' or `alleged' in conjunction with Clipper, a real milestone), and (3) split key escrow system that `balances' privacy. `The president declared that it is essential to establish these principles now, while the `national information infrastructure' is still young, so that privacy and effective law enforcement can guaranteed for everyone in years ahead.' I don't recall that proclamation. What were his exact words again? Next, description of Clipper and Capstone and the first user-friendly diagrams suitable for public consumption showing the key generation, communication session, and interception. Fairly detailed esp. with the key generation. Does not indicate at all how the key escrow agencies are assured that the chip IDs presented to them are actually of the people named in a warrant. `The details of the law-enforcement field are classified so that no one will be able to construct compatible chips that bypass this feature. Consequently, the structure of the law enforcement decoder is classified.' Then, Capstone as Clipper successor `will be relased this summer' with all the same elements plus DSA, key negotiation, exponentiation, and random number generator. `If the Capstone Chip become available on workstations and personal computers, it could also be used for Privacy Enhanced Mail.' (Boy, clearly someone at NSA is really concerned about this PEM thing.) Yeeks, here's the news: `The Clinton administration intends to [promote Clipper and] by developing and promulgating a standard for all sensitive, unclassified federal communications by the end of 1993.'' The ominous statement is that this seems to suggest something more than Clipper. `The Clinton administration believes that industry will follow the government's lead as it did in the 1970s with the DES system.' (we'll see.) `The administration does not propose to enforce the use of the Clipper Chip because it believes the technology will become widespread without coercion'. This is the tantalizingly familar NSAspeak into which people can read whatever they want, the same sounds-OK-except-to-here and what-are-they-really-saying sentence structure that permeated the Clipper announcment. Taken in the first half, it seems to be the most bold and unequivocal indication so far in the popular press that Clipper nor any other system will be `enforced'. On the other hand, it also has the ulterior suggestion that if the technology does *not* become widespread without coercion, some other attack will be formulated, and the `administration' cannot be considered liable for any seeming promises for unrestriction. Now, for the kicker: the National Security Council will finish their `comprehensive policy review' hinted in the Clipper announcement on `privacy, secure business communications, ... electronic surveillance, ... manufacture and export of advanced [cryptographic] products, use of advanced [cryptographic] technologies in digital networks and telecommunications, ... expected to be completed in September'. Can't wait for that one. `issues such as software encryption and private-sector standards are likely to be raised by industry during the process'. Don't you love that ubiquitous evasive passive voice? As the Clipper announcement stated `public debate is expected to intensify'...yelled at and echoing off the brick wall of the castle, soon to disgorge the concealed schemers with their Royal Proclamation for the Citizenry... At the end: `Note: the author obtained some of the information in this article during private briefings with the National Security Agency and the Federal Bureau of Investigation.' No kidding.