At 05:33 PM 10/3/96 -0700, Vladimir Z. Nuri wrote:

cpunks, a note about recent developments in "key recovery" initiative.

I think cpunks as a group should reconsider very seriously their own positions on cryptography and come up with something more sophisticated than "any government bill or plan associated with crypto is evil" which is the functional equivalent of the ideology behind many recent posts.

We don't think they're all NECESSARILY evil...they just turn out that way. Whose fault is this?

what is the precise difference between gack, key escrow, and key recovery?

Phase of moon? Season? Maybe it has something to do with the 11-year sunspot cycle? Bi-millenialism?

TCM has argued that the administration is muddying the issue by manipulating the terminology. perhaps so, but I feel that cpunks are equally guilty, by branding anything that emanates out of the government as inherently orwellian. do you always have to have an enemy? is the government always going to be your enemy, no matter what they do?

The government seems to be BEHAVING as if it is always going to be our enemy. Whose fault is that?

I have posted here before that many companies find the concept of "key recovery" highly acceptable and even desirable. the basic question is, what does this mean to wiretapping and search warrants and subpoenas? it is clear we are coming to a fork in the road at this moment.

And it is our goal to not "get forked."

there are going to be two types of cpunk opinions based on recent developments.

1. those who feel that wiretapping was illegitimate from the start and are working to make wiretapping impossible. confronted with a legal search warrant/subpoena etc. for personal data, they would not hand over keys. they would "superencrypt" in systems that do etc.

That's me...

2. those who feel that there is such a thing as a legal warrant or subpoena for information protected by cryptography keys, and would agree that this logically means that governments will be getting access to "key recovery" infrastructures.

On the contrary: The existence of a "legal warrant" doesn't mean that the government ought to (or even can) get access to data via a "key recovery" system. It's been mentioned numerous times that there are plenty of things that could be done (multiple encryption; encryption of GAK'd key; foreign key escrow with no request cooperation, etc) to prevent this.

personally I am leaning toward 2, because I feel that we already live in such a society,

We also live in a violent, oppressive society. Does this mean that we shouldn't try to fix its problems?

and that it is not orwellian.

Pollyanna, meet Eric Blair.

companies are going to lean toward (2).

No, they're going to lean towards yet another system, (3), whatever suits them.

I do agree that the gov't has the potential to twist this process to evil ends,

If it had not had the desire to "twist this process to evil ends" government wouldn't have interfered with the natural development of key-keeping systems which serve only the key owner, not anyone else.

but that has always been true of everything about democratic government, and the recipe for 200+ years has always been and remains "eternal vigilance". in other words, I am in favor of some kind of mechanism by which the government can obtain keys via subpoenas/warrants.

And I am in favor of some kind of mechanism by which the government can be destroyed by ordinary citizens.

cpunks, I think we should try to clarify our terms and come to some conclusions.

those who continue to pursue (1) are going to be perceived as more and more radical and extremist, because arguably it is not even a system we have today or one that was ever devised.

I'd disagree with that. I've devised a system...

remember, the constution guarantees freedom from *unreasonable* search and seizure, but never prohibited search and seizure in the first place!! apparently at least our found fathers believed that "reasonable" search and seizure was a wholly legitimate function of government, based on this wording.

I guess that means that anything they call "reasonable," you'll agree with? Hint: Between about 1932 and 1968, wiretaps in the US were ILLEGAL. Nevertheless, they were done anyway, by the telephone company on request by the cops. (they were not admissible in court, however.) Question: Should we define the standard of 'reasonable' on the opinion of a group of people (cops, officials, politicians) who have a proven habit of using illegal techniques to get information? Apparently, cops are unwilling to let illegality get in their way. I'd say, on the whole, cops must have a rather enormous motivation to get wiretaps, and only a fool would think that this would fail to motivate them to adjust their standard of "reasonableness."

regarding (2): the government may actually help bring crypto to the masses via the post office and other routes. are cpunks going to continue to hold the simplistic, reactionary, knee-jerk, black-and-white opinion that "anything with the word 'government' in it is evil"? "if the government is doing something, then we must sabotage it"?

So far, such an opinion would fit the facts far better than anything you've said so far. Jim Bell jimbell@pacifier.com