re: NIST GAK export meeting, sv
-----BEGIN PGP SIGNED MESSAGE----- - From Pat Farrell's <pfarrell@netcom.com> short summary of the NIST GAK meeting (12/5/95 5:49 PM):
My favorite policeman, Geoff Greiveldinger, then described the characteristics of an acceptable key escrow agent. There was a long list of criteria, all unseen before the meeting. The general reaction of the audience was that these were "yet another set of criteria that must be met." Geoff claimed that they were simply trying to address the questions raised at the earlier meeting about who is an acceptable escrow agent. One point that caused a lot of concern was that at least one employee of the escrow agent has to have a SECRET clearence.
(Thanks for the summary, Pat.) This last bit is really rich. I can't think of a single publically defensible reason for the stipulation that every escrow agent must employ someone with SECRET clearance, but I *can* think of a publically indefensible reason for it -- to facilitate those spooky non-court wiretap authorizations that've been alluded to in the fine print of the GAK proposals. Of course, just because escrow agents would be required to hire *someone* with a SECRET clearance doesn't mean that *anyone* with a SECRET clearance would fill the bill. And that's the rub: the administration of clearing people-with-SECRET-clearances for escrow agent employment would be conducted -- where else? -- *in secret*. SECRET clearance, of course, wouldn't be the salient criterion; after all, there are people on the Cypherpunks list -- and a few who aren't on it but are like-minded -- who'd be, uh, reluctant to deliver keys in the absence of a a wiretap authorized by a judge. And, as a petty aside, it's nice to see that the gov't had cooked up yet another way to force potentially legitimate businesses to pay its stoolpigeons to chip away out our civil rights. Hieronymous -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQBVAwUBMMTbw73g0mNE55u1AQEyPQIAsFDidHJrD7fjCee8Wa7ufj7MFnvJGYCQ zGZR7VdtpV4IGp52SvW8UBiJjv7FeWkmwwGWD43MN/88f79MpTCO3Q== =DOoi -----END PGP SIGNATURE-----
Imagine you are in the Justice Dept. You have to work out a policy for escrow agents because your boss says so. You begin to work out scenarios, just like when you design software. One scenario is that the FISA court issues a warrant for a wiretap/decrypt of a suspected foreign agent. The fact of the order, and esp. the ID of the target, have a SECRET classification. It is a crime to show a SECRET document to a person without clearance. Yet, escrow agents can reasonably refuse to disclose a key (indeed, SHOULD refuse to disclose a key) without seeing a real warrant. How do you solve the problem? (Hint: asking Congress to change either the classification laws, the FISA court rules, or the GAK policy are not options.) I'm certain the above was a large part of their thinking in adding the requirement of a SECRET cleared person. If you accept their premises -- note the "if" -- it makes a certain degree of sense. I offer the following two bets for which I have no evidence: 1) This will be the PR that most damages the proposal 2) If they ever actually implement the policy, they will give the clearances out as fast as they can, just to show good faith. Not that SECRET is a very high clearance any more, anyway....It's main value is in giving them another way to jail you if you leak the fact of the order and it ruins the investigation. (Plus, I suppose, obstruction of justice...) CRYPTO: Does anyone recall the cite for a paper a few years that set out a way to have escrow agents who would be "oblivious" to the identity of the subject of the warrant? And how would such an escrow agent be sure that they were not being duped by the feds? A. Michael Froomkin | +1 (305) 284-4285; +1 (305) 284-6506 (fax) Associate Professor of Law | U. Miami School of Law | froomkin@law.miami.edu P.O. Box 248087 | http://www.law.miami.edu/~froomkin Coral Gables, FL 33124 USA | It's warm here.
participants (2)
-
Michael Froomkin -
nobody@REPLAY.COM