Re: My chat with Goeff Greiveldinger
At 8:00 PM 10/15/95, Michael Froomkin wrote:
I will be appearing with Goeff Greiveldinger, he of the Justice Dept, at a discussion of commercial key escrow next Thursday in Bethesda. Anyone with fun questions I should throw at him should contact me...
Please note that the ostensible topic of this discussion is *commerical* key escrow, not Clipper per se, so I have to be diplomatic....
The question I have is this: Why is the Justice Department even involved at all if it is truly only about _commercial_ key escrow? (I have some speculations, of course, which I'll share in a minute.) While commercial key escrow of course has legal implications, so do a lot of things that I suspect the Justice Department has no interest in discussing with anyone. And most of the implications of commercial key escrow--if strongly voluntary in the sense we have discussed many times here--are implications of _contract_ law that will get hashed out through court cases. So, why is the JD interested? Why would Mr. Greiveldinger of the JD be at a discussion of commercial key escrow if in fact it is to be purely voluntary and strongly voluntary? Unless, of course, the JD has interests that go beyond mere privately arranged contracts to hold keys in safety. Or, I suppose, export control issues. (But then I think it unlikely that a strongly voluntary system would be allowed to be exported. And since a domestic version that is strongly voluntary would leak out almost immediately, I think a domestic strongly voluntary CKE system is unlikely.) I suspect Michael Froomkin can tell us why the JD is involved, what the stated reason is, but I still find it "odd" that a purely voluntary contractual arrangement between, say, "Thomas Paine" and "Ye Olde Keye Repository" is generating interest by King George's legal officers. --Tim May Views here are not the views of my Internet Service Provider or Government. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway."
Tim May asks why Greiveldinger is invited (or, more to the point, why he accepted the invitation). I don't know. There are fun legal issues, not all arising from contract here. In particular, assume for a momement that (1) the goverment offers "escrow" services and/or (2) the government requires that >40 bit encryption products include mandatory US govt-apporved escrow as a precondition for export clearance [the NIST trial balloon]. Under (1) your participation in the escrow is not necessarily "voluntary"; a similar, if less powerful, argument can be made under (2). Also, when the government provides the "escrow service" different liability rules may apply. FWIW, My guess is GG is going because the right person asked him. That's why I'm going, and that's how Washington works... A. Michael Froomkin | +1 (305) 284-4285; +1 (305) 284-6506 (fax) Associate Professor of Law | U. Miami School of Law | froomkin@law.miami.edu P.O. Box 248087 | http://www.law.miami.edu/~froomkin Coral Gables, FL 33124 USA | It's hot here. And humid.
tcmay@got.net (Timothy C. May) writes: The question I have is this: Why is the Justice Department even involved at all if it is truly only about _commercial_ key escrow?
DoJ is involved because industry didn't buy into Clipper-type GAK, and the FBI still wants to be able to read encrypted files, as well as encrypted phone conversations if they ever turn up. The White House is willing to help, but not to the extent of making GAK mandatory. However, they (WH and FBI) are hopeful that forcing either GAK or weak encryption on the export market will encourage companies to build single systems that they can both export and sell domestically, which would make the domestic ones weak or GAKed as well. DoJ is involved with the commercial escrow because they (or NIST or somebody) expect to be certifying the export escrow companies, which they hope will be the same operations. As a data point, Dorothy Denning is increasingly pessimistic that this plan will in fact result in the same weak or escrowed system being used domestically; if it doesn't, that presumably triggers Louis Freeh to head back to the Hill for more legislation. I don't know what they intend to do about PGP-like systems, but I suspect that's a second-order concern; the first-order concern must be avoiding the situation where Microsoft builds unGAKed 3DES into Word. Jim Gillogly Trewesday, 25 Winterfilth S.R. 1995, 02:51
-----BEGIN PGP SIGNED MESSAGE-----
As a data point, Dorothy Denning is increasingly pessimistic that this plan will in fact result in the same weak or escrowed system being used domestically; if it doesn't, that presumably triggers Louis Freeh to head back to the Hill for more legislation.
Yup, those of us who already paid the up-front cost to build two versions of our products are not about to *weaken* our domestic version just to go back to having only one version. - Bill -----BEGIN PGP SIGNATURE----- Version: 2.6.1 iQCVAwUBMIJZO7T+rHlVUGpxAQGJJwQAgewBBehZWJMDN4gl2BBeZKEeQqpF86l5 GCqwXDcZEPjeFnNg4P2bIjHZ7UAu/DNMcABN8ZBmqusAkSEa28m3MFigIcTdnrO7 vKM8LuKj8rC95ig6hjJ20RitUF820BnQjRsIBQafa96J9rav1nZpX2UeZ8Ad9l6y BfTjGVqAEig= =zSSz -----END PGP SIGNATURE-----
participants (4)
-
Bill Sommerfeld -
Jim Gillogly -
Michael Froomkin -
tcmay@got.net