Hi, Forwarded message:

Date: Tue, 17 Jun 1997 19:09:09 -0400 From: Robert Hettinga <rah@shipwright.com> Subject: Kerrey bill introduced in Senate

Sen. Kerrey's evil "Secure Public Networks Act" was introduced in the Senate today, cosponsored by Sen. McCain.

The bill, if passed, would:

Criminalize breaking another person's ciphertext for the purpose of violating their privacy, security, or property rights; (goodbye, Netscape bugs bounty and DES/RC4 cracks) (s. 105(3))

Actualy it would prevent me from cracking your ciphertext, it does not prevent me from trying to crack my own ciphertext. Since I am supplying the plaintext it is clear that I can continue to test Netscape or any other algorithm. It also implies, by specificaly mentioning privacy, that you can give me permission to attempt to crack your ciphertext. It, intentionaly or not, give you the individual the choice and not Uncle Sam.

Criminalize intercepting another's intellectual property for the purpose of violating intellectual property rights (s. 105(4))

I have absolutely no problem with making it illegal for you to packet sniff my network when your specific goal is to take internal information against my will and use it against me. I think this is the kind of law that needs to be made. I would however suspect that existing law covers this quite thoroughly.

Require federal government purchasers of crypto equipment to buy GAK crypto; (s. 202, 204)

The federal government can require whatever the hell it wants of itself. I don't work for them anymore and would not consider it in the future. When they start telling me that I have to do something for their convenience, then and there I have a major bitch.

Require crypto products purchased with federal funds for use on a public network to employ GAK crypto; (s. 203, 205)

See above.

Legalize the export of 56-bit DES crypto; (s. 302)

Ain't much, but it is a step in the right direction. I mean, 64-bit ain't that far from 56, and shoot if your gonna give me 64 how about 128 since it is ONLY twice as 'large'.

Criminalizes the issuance of signature certificates by registered CA's for encryption keys if the user has not complied with GAK procedures; (s. 407(a)(4))

When did they pass a law requiring registration of CA's in the first place? Or is this another law that only applies to voluntarily registered government CA's? And just exactly what is the ANSI/ISO standard of said registrant? RFC?

Criminalizes requesting a signature certificate for an encryption key from a registered CA if the user has not complied with GAK procedures; (s. 407(a)(5))

I don't understand this. Is the person asking committing the crime for asking for a signature certificate without complying with GAK processes? Or is the person refusing to register their key with a CA after the CA received a request from a third party?

Allows the Secretary of Commerce to "make investigations, obtain information, take sworn testimony, and require reports or the keeping of records by .. any person", to the extent necessary to enforce the Act; (s. 701(a))

Are you saying they must require everyone in a particular business class to comply with their regulatory mechanations without exception OR that they will be able to force such regulatory excesses as they can squeeze out of an individual person/business?

Allows the Secretary of Commerce to subpoena witnesses and documents in any State at any designated place; (s. 701(b)(3)(A))

Their enforcement agents already have this power since they are considered federal agents equivalent to DEA or FBI (Hint: NEVER argue with a guy wearing NOAA, NASA, USGS, DoA, etc. *AND* a badge).

Allows the Secretary of Commerce to impose civil/adminstrative penalties of up to $100K for violations of the Act; (s. 702(1))

Without trial? ____________________________________________________________________ | | | _____ The Armadillo Group | | ,::////;::-. Austin, Tx. USA | | /:'///// ``::>/|/ http:// www.ssz.com/ | | .', |||| `/( e\ | | -====~~mm-'`-```-mm --'- Jim Choate | | ravage@ssz.com | | 512-451-7087 | |____________________________________________________________________|