The GAK Momentum is Building...
At 1:59 AM 9/17/96, David Lesher wrote:
Clarinet sez:
OTTAWA, Sept. 16 (UPI) -- The federal government has chosen Northern Telecom's data security software, Entrust { } Public-Key Infrastructure (PKI)... for gov't use.....
worth $7.3 million......
Add to this these items: -- the IBM GAK product -- the "Clipper IV" (or is it only Clipper III?) GAK announcement expected "soon" It seems that several of these announcements are happening at the same time, which I doubt is coincidental. As the Republican challenger (whose name escapes me at the moment :-}) is not making an issue out of this, and is not making any issues out of anything related to liberty issues as near as I can tell, Clinton and the national security establishment seem to have free rein (and reign) to deploy GAK> As Lucky pointed out, GAK now appears inevitable. There's probably still time to monkeywrench these schemes, though. A few Blaze- or Wagner/Goldberg-type hacks could undermine confidence in the Key Authority (not to be confused with the Port Authority, which I presume handles i/o port assignments). --Tim May We got computers, we're tapping phone lines, I know that that ain't allowed. ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1,257,787-1 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."
On Mon, 16 Sep 1996, Timothy C. May wrote:
-- the "Clipper IV" (or is it only Clipper III?) GAK announcement expected "soon"
Its Clipper IV. It will take the form of a bill introduced by the USG later this Fall.
It seems that several of these announcements are happening at the same time, which I doubt is coincidental.
Nothing coincidental about it. The USG, through its front man Al Gore, has used time honored "divide and conquer" techniques to get the industry leaders to support their fascist agenda by promising to let them off easy under the future rules. For crying out loud, CyberCash, to give one example, touts in all their recent presentations how they have compliance with regulations that don't even exist yet built into their system. Meanwhile, HP, TIS, IBM, and others have made a deal to sell their children's birthright for fast track single DES export. I read some five newspaper articles on export control/GAK in the last few days. All mentioned as a matter of fact that GAK will be part of lightened export controls. None questioned the connection between domestic GAK and foreign exports. The worst of these articles, in the Sunday SF Chronicle, mentioned as the only defenders of non-GAK encryption hackers by the name of "Black Knight", etc. who were quoted as having no explanation for the dichotomy between "information wants to be free" and "I don't want the Feds to read my email". It is a done deal, --Lucky, who told you this three years ago.
again, more black/white cpunk thought that goes along the lines, "unless we have won everything, we have lost everything". you guys are awfully cynical. clipper has failed its original objectives by miles. the last-ditch efforts by bureacrats to get some semblance of "key escrow" from recent developments are increasingly pathetic. I'd say the significant dilution of clipper over the years is a very strong victory for pro-privacy, pro-cryptography advocates. the Clipper proposals are increasingly moving into the area of "key management". large companies will always want key management features, to deal with employees who forget passwords, leave the company, etc.-- face it, this is a simple reality. essentially all the latest moves amount to, imho, is the government trying to get its fingers into these key management infrastructures. so the recent stuff that is emerging, I would hesitate to call "gak". it sounds more like "gaki", or government access to key infrastructures. these infrastructures are going to be built up regardless of what cpunks wish-- private businesses simply must have them. frankly all it looks like to me is the government saying, "we reserve the right to subpoena keys". this will always be the case. bureacrats are always trying to pass new laws when old ones already apply.
It is a done deal, --Lucky, who told you this three years ago.
again, more simplistic summaries. there is a whole range of evil proposals that the government could be involved in, and we have to begin to discriminate between them. the government could be the sole manager of all key infrastructures and the entity that licenses all crypto for any use-- that I would consider total worse case reality. or the government could have tentacles stuck into key infrastructures that businesses build up. the latter is not quite as odious or threatening. in fact it simply sounds like the government saying, "we reserve the right to subpoena keys". (of course the latter could always evolve into the former. I suppose the cynics would contend that it is inevitable.)
participants (3)
-
Lucky Green -
tcmay@got.net -
Vladimir Z. Nuri