McCain Open to Key Recovery Alternative by Rebecca Vesely 3:06pm 11.Jul.97.PDT Senator John McCain, sponsor of legislation that would create a domestic key recovery system for all encrypted commercial transactions and personal communications, said Friday that he is open to hearing alternatives to such a plan. "We are not wedded entirely to key r
http://www.wired.com/news/news/politics/story/5133.html McCain Open to Key Recovery Alternative by Rebecca Vesely 3:06pm 11.Jul.97.PDT Senator John McCain, sponsor of legislation that would create a domestic key recovery system for all encrypted commercial transactions and personal communications, said Friday that he is open to hearing alternatives to such a plan. "We are not wedded entirely to key recovery," the Arizona Republican said in an interview. McCain, chairman of the Senate Commerce, Science, and Transportation Committee, and Senator Bob Kerrey (D-Nebraska) introduced the Secure Public Networks Act last month. Privacy advocates and much of the high-tech industry oppose domestic key recovery on grounds that it would violate civil rights and be impractical and expensive to build and manage. McCain said he met with Microsoft representatives recently to discuss a new technology being developed by the software giant that could be less intrusive and problematic than key recovery. The senator also said he plans to meet with Netscape officials next week to discuss yet another alternative. Officials from Netscape were not immediately available for comment. "I'm saying, OK, if you have another solution, I'd like to hear it," McCain said, though he stressed that protecting national security remains his "first obligation." The McCain-Kerrey bill includes provisions for setting up a voluntary domestic key recovery system, including incentives for those who participate. Critics say participation in the key-management infrastructure wouldn't really be voluntary - it would be a prerequisite to conducting electronic commerce. Encryption, or data-scrambling technology, is widely viewed as the cornerstone to e-commerce because it conceals credit card numbers and other personal information traveling over networks. Key recovery, as outlined in the bill, would create a system of certificate authorities to whom users would give a copy of their data keys. Law enforcement could then access that copy of your key through a court order. McCain's flexibility on the issue could influence the debate over how to protect national security while allowing a free market to flourish in the digital age. Just two days ago, at a Senate Judiciary Committee hearing on the bill, FBI director Louis Freeh testified on the need for mandatory domestic key recovery, and some senators on the committee, notably the chairman, Orrin Hatch (R-Utah), seemed to agree that some sort of domestic key recovery is needed to allow law enforcement to wiretap suspect digital communications and transactions.
(I changed the message name, as it appeared to be entirely too many lines! :-}) At 5:26 PM -0700 7/11/97, Alan Olsen wrote:
McCain Open to Key Recovery Alternative
by Rebecca Vesely
McCain said he met with Microsoft representatives recently to discuss a new technology being developed by the software giant that could be less intrusive and problematic than key recovery. The senator also said he plans to meet with Netscape officials next week to discuss yet another alternative.
This is something we should watch _very_ closely! I cannot imagine any solution acceptable to statists like McCain, Kerrey, Swinestein, Clinton, Freeh, and all the others that would even remotely be acceptable to anyone who cherishes liberty. The extreme danger is that the McCain-Kerrey bill was just so plain terrible that it is being used as a bargaining chip to get a "compromise." And that compromise could be fed by helpful, hopeful corporate spinmeisters. The danger is that the work MS was doing a few years ago on key recovery could be made part of the basis of the "new industry compromise." I had hoped this had died when Chairman Gates came out so strongly against key escrow and GAK in his book. (The recent discussion of "collective contracts," where an industry-government deal binds us all, is timely.)
Just two days ago, at a Senate Judiciary Committee hearing on the bill, FBI director Louis Freeh testified on the need for mandatory domestic key recovery, and some senators on the committee, notably the chairman, Orrin Hatch (R-Utah), seemed to agree that some sort of domestic key recovery is needed to allow law enforcement to wiretap suspect digital communications and transactions.
The ground is shifting rapidly from "we need a law to recapitulate Americans' right to strong crypto" (Pro-CODE) to "we need key recovery in exported products and when government networks are involved" (McCain-Kerrey) to "some sort of domestic key recovery is needed" (Freeh-Hatch-Pol Pot). Let them all hang. --Tim May There's something wrong when I'm a felon under an increasing number of laws. Only one response to the key grabbers is warranted: "Death to Tyrants!" ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1398269 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."
On Fri, 11 Jul 1997, Tim May wrote:
(I changed the message name, as it appeared to be entirely too many lines! :-})
I accidently pasted the whole message into the subject line. Netscape does not show anything beyond the first line, so it went unnoticed until after I sent it. Oh well...
At 5:26 PM -0700 7/11/97, Alan Olsen wrote:
McCain Open to Key Recovery Alternative
by Rebecca Vesely
McCain said he met with Microsoft representatives recently to discuss a new technology being developed by the software giant that could be less intrusive and problematic than key recovery. The senator also said he plans to meet with Netscape officials next week to discuss yet another alternative.
This is something we should watch _very_ closely!
I agree. The article seemed to imply that both Microsoft and Netscape were falling all over each other trying to come up with gak-like alternatives to key recovery. I wonder what Tom Weinstien can tell us about that... (He has been a bit quiet lately... Too quiet.)
I cannot imagine any solution acceptable to statists like McCain, Kerrey, Swinestein, Clinton, Freeh, and all the others that would even remotely be acceptable to anyone who cherishes liberty.
Neither can I. They seem to think they have the right and responsibility to dictate the morals and thoughts of others. I wonder what the public response would be if this were a set of laws about opening and recording the contents of snail-mail? Or sending mail in envelopes that cannot be opened without detection... (Judging by the current cluelessness of the general public, not much.)
The extreme danger is that the McCain-Kerrey bill was just so plain terrible that it is being used as a bargaining chip to get a "compromise." And that compromise could be fed by helpful, hopeful corporate spinmeisters.
The danger is that the work MS was doing a few years ago on key recovery could be made part of the basis of the "new industry compromise." I had hoped this had died when Chairman Gates came out so strongly against key escrow and GAK in his book.
Anything to make a buck. Check out Microsoft's crypto API sometime. There are all sorts of little hooks to enforce the export regs and make strong crypto difficult. (Best using another library all together as far as I am concerned. Especially since they seem to change the API every other month.)
(The recent discussion of "collective contracts," where an industry-government deal binds us all, is timely.)
The ties that bind... or choke...
Just two days ago, at a Senate Judiciary Committee hearing on the bill, FBI director Louis Freeh testified on the need for mandatory domestic key recovery, and some senators on the committee, notably the chairman, Orrin Hatch (R-Utah), seemed to agree that some sort of domestic key recovery is needed to allow law enforcement to wiretap suspect digital communications and transactions.
The ground is shifting rapidly from "we need a law to recapitulate Americans' right to strong crypto" (Pro-CODE) to "we need key recovery in exported products and when government networks are involved" (McCain-Kerrey) to "some sort of domestic key recovery is needed" (Freeh-Hatch-Pol Pot).
Actually I think that Freeh is being the most honest of the whole bunch. I don't think any of them believe in free speech for the masses. (For them, yes. For everyone else, no.) Freeh just has enough of a spin and created "crisis" for him to get away with it. And with the new "Child Porn Epedemic"... It makes me wonder if "Operation Looking Glass" has moved to the net. (Covertly, of course.) alano@teleport.com | "Those who are without history are doomed to retype it."
Alan wrote:
On Fri, 11 Jul 1997, Tim May wrote:
At 5:26 PM -0700 7/11/97, Alan Olsen wrote:
McCain said he met with Microsoft representatives recently to discuss a new technology being developed by the software giant that could be less intrusive and problematic than key recovery. The senator also said he plans to meet with Netscape officials next week to discuss yet another alternative.
This is something we should watch _very_ closely!
I agree. The article seemed to imply that both Microsoft and Netscape were falling all over each other trying to come up with gak-like alternatives to key recovery. I wonder what Tom Weinstien can tell us about that... (He has been a bit quiet lately... Too quiet.)
When I'm quiet, it's probably because I'm busy. It's certainly not because I was spirited off to Fort Meade by the black helicopters for brain washing. Let's look at this another way. Given the opportunity to discuss your views with a senator, whouldn't you take it? Even if there's very little chance of changing his mind? We aren't going to suddenly do an about face and start saying that GAK is good. Even if anyone here believed that, there's no way that we'd be able to sell it to our overseas customers. -- What is appropriate for the master is not appropriate| Tom Weinstein for the novice. You must understand Tao before | tomw@netscape.com transcending structure. -- The Tao of Programming |
participants (4)
-
Alan -
Alan Olsen -
Tim May -
Tom Weinstein