Re: The right to be secure (fwd Computerworld article)
Paul Ferguson sent out a copy of a ComputerWorld article "The right to be secure" (ComputerWorld, Volume 27, Number 28, July 12, 1993, page 28, James Daly), which had NIST/NSA Q&A on Clipper. A couple things were mildly interesting (assertion that use of escrow products would be voluntary (if we can trust them)), but one was complex and nasty: To obtain the key needed to unlock the encryption, law enforcement must present evidence of its authority for a key, typically a court order, to both key escrow authorities. ^^^^^^^^^^^^^^^^^^^^^^^^ Finally, the system will be designed to ensure that law enforcement destroys the keys it receives when its authority to conduct the electronic surveillance has expired. "Typically", of course, means "not always", and it's coupled with the phrase "establishment of procedures by the attorney general for the access of the keys" in a previous answer, which means that anything the attorney general wants, he can get. It also suggests that keys *can* be kept longer than court orders permit if the attorney general wants. Bill Stewart
Finally, the system will be designed to ensure that law enforcement destroys the keys it receives when its authority to conduct the electronic surveillance has expired.
. It also suggests that keys *can* be kept longer than court orders permit if the attorney general wants.
if also suggests there no safeguard in the system for keys to expire; thus an underground can form for keys since there is no expiration date.
participants (2)
-
Peter Shipley
-
wcs@anchor.ho.att.com