to most on the list, the subject of this message would be an oxymoron. ("there is no compromise!") regarding the recent Netscape brouhaha: I tend to agree with Clark in only one regard: the government is going to get into the key storage/retrieval business in some form or another eventually & inevitably; it's just not stoppable. like one of the NSA spooks said after the Clipper fiasco, "well, we had to try". the aspect that is up for grabs is whether these systems will be *mandatory* for all private communication. here's a quick idea. the post office is getting into certification authorization come hell or high water (ETA summer, 96). now, frankly I think this is a good thing. someday we will need some kind of legal agency to deal with citizen keys, so that we could have cryptographic dealings with federal agencies such as the motor vehicles department, etc. many are going to blast me to oblivion for saying this, though. but don't you think there are some benign government services that you would like to have access to via your "state" or "legal identity" key? this would prevent other people from faking your identity in front of the state, e.g. voter fraud, and other miscellaneous things. it seems to me the problem is when a government begins to insist that the only authorized encryption you can use must be based on the secret key they give you is where all the problems arise. so, what we could advocate as a compromise (given that the post office is absolutely not going to *not* get in this business, from what I can tell). we encourage the idea of KEY FREEDOM this would be a heading for the idea that we are in support of the (our) government creating cryptographic infrastructures and key authentication services, as long as we always have the total freedom to encrypt according to however we please in private communications. in other words, we are willing to have an official state identity/key as long as it is not required in our private transactions, only those involving the state. (yes of course I know "state" is a pornographic word here, heh). if you don't like this imagine it as a "stopgap measure" on the way toward full cryptoanarchic infocalypse that government bureacrats might buy. another idea is that we might reasonably support a system that has such a thing as "key escrow" but we only use the keys they give us as part of our signatures to other people if we want to reveal our "official" state identity, not to encode the communication itself. in this way someone else could verify your identity for e.g. legal/ contractual purposes, but the overall communication would remain private. in other words, we agree that the government does have the authority to link people to their "official numbers", but we have a choice about when to use those official numbers in any private communication, and by law businesses do not ever have to *require* authentication in this way. the numbers of course would be required in communication between the individual and government. the situation is that the government *now* requires that it knows who we are when we communicate with it in any official context. therefore I submit that the above system would not take away any rights, and in fact might lead to privacy advocates being able to use a massive government key-infrastructure but still retain communication privacy. in other words, you now have the government actually supporting your cryptographic freedom by giving you a massive "official" key distribution system you can use any way you like. another possible compromise is that by default, keys would be insecure, in the sense the government stores them for "key escrow" purposes, but people are always recognized as having the right as "tunneled encryption" (a great term for private encryption within the state encryption). you see, cypherpunks often recognize that most of the world is so clueless that they don't protect themselves, and they almost don't deserve to have privacy by the default if they are entirely clueless or apathetic about obtaining. so what we might be able to accomplish is a system in which all the clueless people use the government-supplied keys, the FBI cracks some percentage of "clueless" criminal communication, and non-clueless people go ahead and bypass it all. now, before you hotly flame my eyebrows off, I say these things not because I like key escrow, but that I suspect the post office is going to move into certification no matter what, and the idea of key escrow is closely related to that. with a little finetuning the cypherpunk position could help define the actual rights of individuals relative to these new government systems in a way that is totally compatible with all our core privacy beliefs. what I am getting at is that we could twist the words "key escrow" to mean that the government provides some infrastructure for storing & accessing public keys (similar to phone books), and we could simultaneously vehemently deny that "key escrow" legitimately allows the government to actually *have* our secret keys. in other words, we say, "yes we support key escrow. of course it is a good idea to let the government have simple phonebooks of keys. oh, wait, you mean we have to USE THESE KEYS? in the official STATE ENCRYPTION ALGORITHM? we have to STAMP OUR SSN# ON EVERY TRANSACTION WITH EVERY BUSINESS? sorry buster, what I do with my key is my private matter. this would be again to having official government phones that allowed the government to call any number and start surveilling the room the phone is in."