Re: The Global Fix is In
I'm reading a book, "Who Will Tell the Truth" with some very clear insights into How it All Works. The bottom line is the Bottom Line and the reason the crypto debate is going this way is due to exactly one thing: Money. I know there are those amongst this readership who feel that there is no place for the usual political process in dealing with the crypto issues, but that's not a universal or a given, nor is it necessarily practical in the long run. But within the existing structure the missing component in the debate is the active participation of a lot of dollars. The weight of Micro$osft + Netscape + (name your favorite list) is miniscule, and their players woefully inexperienced, compared to McDonnell D., G.E. Fed., TRW., Lock/Martin, IBM, and others who stand to gain hugely from a Federally-mandated and controlled PKI. Those heavyweights are all drinking buddies with the other Washington sorts who are in search of ever-expanding missions in life, and the result is a coterie who's primary interest isn't even remotely concerned with Child Pornography, Money Laundering, etc. but their own aggrandizement measured in personal and corporate dollars. There are no doubt massive investments being made by Industry in the conservative thinktanks who produce the intellectual fodder-de-jour that supports the position of this elite, and overwhelm the likes of McCain and Kerrey with impossible-for-the-legislature-to-understand managed "information" which boils it all down to the 4 Horsemen arguments. What's necessary here is a knowledgeable application of the same techniques, a coalition organization comprised of large business interests with an awareness of how Bad this all is, competing on the same turf. Noble anarchist or Constitutional arguments, whining about our Rights and such, are insignificant and irrelevant to the players. Who will belly up to the bar and provide leadership on terms that will truly be effective? ======================================================= At 10:16 AM 6/21/97 -0700, Tim May wrote:
The "Meeting of the Eight," formerly the G7, is happening in Denver. Listening to what's coming out of it, it's apparent that the Four Horsemen are front and center. Clinton is speaking of a network of banking and communications policy coordinators, to detect and halt drug dealing, money laundering, and nuclear terrorism.
This fits with the details of reports about global wiretapping efforts, about joint intelligence activities, and, of course, with the OECD/GAK laws being proposed, passed, and about to be signed into law about "Key Recovery" and "Trusted Third Parties."
The fix is in.
It probably won't be long before Stronghold is barred for export from either Britain or RSA (the other one); both Tony Blair and Nelson Mandela are Friends of Bill, so a few phone calls should take care of that little problem. (And Norway and the other Scandinavian countries are part of the global wiretap agreement, so I rather doubt free export of PGP 5.x code out of Norway will be feasible, despite the OCR effort now underway there.)
(Not that Clinton will mention Stronghold to Blair...that's far too much microdetail. Jimmy Carter might have gotten involved at that level, but not Bill. Details will be left to underlings.)
The call to Japan, probably the visit by David Aaron, stopped NTT's plans for exporting the RSA chip.
Anguilla and other "offshore" havens, will be subject to the same kinds of pressure. Mark my words.
It's not hopeless. Physical havens are vulnerable, to all sorts of pressures (I doubt many cryptographers want to set up shop in Libya or Iraq, not that these places would be hospitable to Cypherpunks sorts of goals and methods).
Going underground, using the untraceable features of cyberspace, may be the last, best hope.
--Tim May
There's something wrong when I'm a felon under an increasing number of laws. Only one response to the key grabbers is warranted: "Death to Tyrants!" ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1398269 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."
At 1:34 pm -0400 on 6/22/97, geeman@best.com wrote:
What's necessary here is a knowledgeable application of the same techniques, a coalition organization comprised of large business interests with an awareness of how Bad this all is, competing on the same turf.
Noble anarchist or Constitutional arguments, whining about our Rights and such, are insignificant and irrelevant to the players.
Who will belly up to the bar and provide leadership on terms that will truly be effective?
You rang? (He said, feeling particularly ambitious on a rainy June afternoon) You don't need an organization, a simple angry swarm of the right players is just fine, preferrably large commercial ones. You just need to tell them that S909 will kill the commercial internet, and all the billions that have been invested in it. The big stick to smack the hive with, the argument to present to those people who have the most to lose, is the following, if I may quote myself from several places this week :-):
Said syllogistically,
Digital Commerce *is* Financial Cryptography, Financial Cryptography *is* Strong Cryptography, therefore, Digital Commerce *is* Strong Cryptography. and, therefore, No Strong Cryptography, no Digital Commerce.
Instructions for the use of this syllogism:
Invite 'em to a presentation.
Use one proposition per slide, with nothing on the slide but the proposition, centered vertically and horizontally. Don't make handouts.
Put up the first slide, and defend the proposition. Repeat until last slide.
Ask for questions.
I will deliver the above talk to anyone who pays my travel expenses and can get butts in the seats to hear it. The "right" butts or no, you never know who knows somebody else. You buy, I fly. If anyone *else* wants to make the above presentation, and save the air and hotel bill, feel free. Practically *anyone* on this list knows how to more than adequately defend each of those propositions against all comers, foreign and domestic. :-). Now, then. When do we get started? Cheers, Bob Hettinga ----------------- Robert Hettinga (rah@shipwright.com), Philodox e$, 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' The e$ Home Page: http://www.shipwright.com/
On Tue, Jun 24, 1997 at 01:45:35PM -0400, tzeruch@ceddec.com wrote: [...]
... why wouldn't escrow work ...
Because the government could retroactively reverse transactions. Currency is only as good as far as it is trusted. Would you accept a transaction that if the government opened the crypto, and found that the person that sent you the cash was a drug dealer, which meant that all your finances are thus contaminated with "drug money", and that they would not only seize the transaction, but all other money? I think not.
So how is that different than the current situation without cryptography? If people couldn't live with key escrow, how can they live with the current situation? Answer: they live with the current situation because the government abuses you describe are kept below the revolution threshold. The same would be the case with key escrow.
The goverment could also open the note and spend it before you did (for things like back taxes). Assuming it is not a janitor working in the building housing the escrow computer who is doing it.
In effect, key escrow applied to electronic cash is a lein against every note that can be executed without your knowledge or consent.
But so what? Right now the government has intimate knowledge of your finances through tax records and other sources, and has the power to put liens on your property and your cash for all kinds of reasons. And indeed, all too frequently it gets out of control. But the bottom line is that business in the US continues to function. It would continue to function with key escrow, as well.
There are technical solutions and problems which I can go into further. But, briefly, the goverment will want to track all sides, and anything will require huge computer resources to store the escrowed keys.
Assuming certain models of key escrow, yes. Under other models, no. But imagine the worst case -- GAK creates a huge unwieldy expensive computerized infrastructure and associated bureacracy. What happens? Businesses find other ways to protect their data and transactions, huge economic inefficiencies develop, and the whole thing collapses and goes away. It's amazing how little faith libertarians have in the market system, isn't it? :-) Or another scenario: A janitors at a Government Key Escrow Center is caught making billions illegally. An outcry in Congress, laws are repealed, new laws are passed, etc etc etc. If the system works badly it will fail. [...]
If the government can declare "authentic" currency to have no value (especially retroactively), the same rule applies, which is why key escrow is equally damaging.
Governments have devalued currencies many many times in the past without the need of key escrow...key escrow is an independent issue. -- Kent Crispin "No reason to get excited", kent@songbird.com the thief he kindly spoke... PGP fingerprint: B1 8B 72 ED 55 21 5E 44 61 F4 58 0F 72 10 65 55 http://songbird.com/kent/pgp_key.html
At 2:13 pm -0400 on 6/28/97, Tim May wrote: Kent (With a Brick, Mr.) Chrispin emetted:
Governments have devalued currencies many many times in the past without the need of key escrow...key escrow is an independent issue.
Sure, but one of the potential advantages of strong crypto is the oft-discussed "denationalization of money." Leading bankers are beginning to see the light on this.
I wonder if Mr. Chrispin has ever heard of George Soros, or does the adventures of St. George and the BofE dragon smack too much of, horrors, capitalism? (Modulo Soros' ocassional self-flagellatory Atlantic article, of course. Knight-errants are all into that mortifying the flesh stuff. Or, maybe he's just trying to hedge his bets or something...) Anyway, on the same note, and, as a result of the Wired article this month on FC97 (I finally saw it, and it's not as bad as I thought it was going to be. I guess as long as they spell my name right...), I just got request for an interview from a staff writer from Forbes. He's writing on this very thing, the macroeconomic effect of transanational digital cash. His very words to me were:
An editor of mine liked the story so much he told me to expand it (a.k.a. totally rewrite it) looking at whether or not a boom in the use of electronic money might not render governmental monetary control irrelevant as well. Looking at the issue from that angle is convincing me that the answer is yes, and that the real story here is about crypto.
He's going to interview me on Tuesday, after the DCSB meeting. God help us all. :-). When I replied to him, I gave him the whole nine yards, poor guy. Hope I didn't scare him off: financial cryptography, the ubiquitous geodesic economy, cryptomoney, etc. (Including, of course, the, um, "excrable" e$yllogism. ;-)) I also gave him a whole passle of people to talk to about it, including David Friedman, who reported on another list lately that he's brought father Milton around to believing in the inefficiency of central banking compared to free banking, particularly in a world of ubiquitous internetworks and financial cryptography. I also sent him on to Tatsuo Tanaka, who did a presentation about a year ago at DCSB on, you guessed it, the transnationality of digital cash. :-). (Of course, Tatsuo's thinking then was that some global run or another on free$banks would end in the creation of a central bank of cypherspace, but, maybe, he's *much* better now. :-)) I didn't include you on that list, Tim, because I remember you saying something about not being bothered with such reporter.cruft anymore, and how coupling financial cryptography with strong cryptography in the eyes of the press and the financial establishment didn't make any sense, but, in case you want him to misquote us *both* and scare all those capitalist tools out there half to death, let me know and I'll send him your way. Or, maybe such glad tidings will make them all want to help us dance a jig on the eventual grave of the nation-state, you never know. The rich and hoity-toity are very different from you and me. Well, *me*, anyway... (Did I ever tell you the story about how my old man built a sailboat on St. Thomas without ever having really sailed much, and, the boat was so fast that it won *lots* of silver, so much silver that he made the New York Post (I think) about it, and, having read that article, Malcom Forbes came down to the islands that fall, and invited Pop to hang out with him on Highlander for a few days? No? Well, my old man built a sailboat on St. Thomas, you see,...) <Tune: "America the beautiful"> "My country tis of thee, land of plutography..." </T> Cheers, Bob Hettinga ----------------- Robert Hettinga (rah@shipwright.com), Philodox e$, 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire' The e$ Home Page: http://www.shipwright.com/
On Sat, 28 Jun 1997, Kent Crispin wrote:
But so what? Right now the government has intimate knowledge of your finances through tax records and other sources, and has the power to put liens on your property and your cash for all kinds of reasons. And indeed, all too frequently it gets out of control. But the bottom line is that business in the US continues to function. It would continue to function with key escrow, as well.
They can easily put a lein on MY property, but (except for some abuses which are the subject of lawsuits), they can't put a lein on something that has been sold and resold that is now someone else's. With GAK$, they can cancel every $20 e-bill I have ever spent, those I currently own, and those I have transferred to others in exchange.
Assuming certain models of key escrow, yes. Under other models, no. But imagine the worst case -- GAK creates a huge unwieldy expensive computerized infrastructure and associated bureacracy. What happens? Businesses find other ways to protect their data and transactions, huge economic inefficiencies develop, and the whole thing collapses and goes away.
It's amazing how little faith libertarians have in the market system, isn't it? :-)
Actually I expect exactly what you describe to happen. In various other posts and venues, I have said in some form that "The government won't be overthrown in a revolution, it will be obsoleted by technology". But waiting for the market to take effect may not be short or pleasant. Look how long it took for the Soviet empire to collapse.
On Sun, 22 Jun 1997, Robert Hettinga wrote:
You just need to tell them that S909 will kill the commercial internet, and all the billions that have been invested in it.
More to the point, it will kill the commercial internet within the US. We could ban steelmaking for environmental or safety reasons, which would not stop it, but then our steel producers and automakers would be out of business. I think the US may have one, maybe two years before we lose the entire crypto industry to overseas. We may still write the academic articles, but all the software and hardware will be imported. After all the problems about losing jobs, we are actively destroying this sector of high technology.
Digital Commerce *is* Financial Cryptography, Financial Cryptography *is* Strong Cryptography, therefore, Digital Commerce *is* Strong Cryptography. and, therefore, No Strong Cryptography, no Digital Commerce.
... why wouldn't escrow work ...
Because the government could retroactively reverse transactions. Currency is only as good as far as it is trusted. Would you accept a transaction that if the government opened the crypto, and found that the person that sent you the cash was a drug dealer, which meant that all your finances are thus contaminated with "drug money", and that they would not only seize the transaction, but all other money? I think not. The goverment could also open the note and spend it before you did (for things like back taxes). Assuming it is not a janitor working in the building housing the escrow computer who is doing it. In effect, key escrow applied to electronic cash is a lein against every note that can be executed without your knowledge or consent. There are technical solutions and problems which I can go into further. But, briefly, the goverment will want to track all sides, and anything will require huge computer resources to store the escrowed keys. That is unless getting one key unlocks every $20 digital note issued, and then how do we insure they will only unlock the ones listed in the original warrant? And what about stolen or multiply transacted ecash - you can only unlock the original payer and final payee - I know, make it illegal to transfer ecash without reporting the transaction!
From the original use of the touchstone to insure the quality of gold coins, all monitary units had to have an authentication mechanism. If the crypto is weak, notes are easy to forge (analogous to why there are so many hard to print things on $100 bills). If you can't tell counterfeit cash from real cash, you don't accept it, electronic or otherwise. This is why the $yllogism works. Just note that locations that can't verify checks don't accept them.
If the government can declare "authentic" currency to have no value (especially retroactively), the same rule applies, which is why key escrow is equally damaging.
On Tue, 24 Jun 1997 tzeruch@ceddec.com wrote:
On Sun, 22 Jun 1997, Robert Hettinga wrote:
You just need to tell them that S909 will kill the commercial internet, and all the billions that have been invested in it.
More to the point, it will kill the commercial internet within the US. We could ban steelmaking for environmental or safety reasons, which would not stop it, but then our steel producers and automakers would be out of business. I think the US may have one, maybe two years before we lose the entire crypto industry to overseas. We may still write the academic articles, but all the software and hardware will be imported. After all the problems about losing jobs, we are actively destroying this sector of high technology.
Not only that, it will open up many (most?) US systems up to being hacked by making effective and usable forms of security either expensive or unworkable. (How much of the free security software is distributed through universities and government agencies? Quite a bit from what I have seen.) S909 will be a disaster no matter how you look at it. It will weaken security for much of the net. I find the idea that this is being done for "National Security" to be frightening. Can they really be that clueless or is something else planned? All this to prosecute (not even really catch) a hand full of kiddy pornographers... "We had to destroy the global village in order to save it." - Sen Kerrey. alano@teleport.com | "Those who are without history are doomed to retype it."
At 10:11 AM -0700 6/28/97, Kent Crispin wrote:
So how is that different than the current situation without cryptography? If people couldn't live with key escrow, how can they live with the current situation? Answer: they live with the current situation because the government abuses you describe are kept below the revolution threshold. The same would be the case with key escrow.
Not intending to squelch the thread by invocation of Godwin's Law, but how does Nazi Germany fit into this model? In case this isn't clear, the concern is that a GAK system is very dangerous should a Nazi-like regime develop (or even should a J. Edgar Hoover and/or Craig Livingstone regime develop). While regimes of the past few decades _may_ not be abusive in this way (apologies to Reagan, Bush, and Clinton haters out there), the deployment of GAK would be a tempting target for future despots and satraps. Thanks, but I'll keep my own records, my own crypto keys, and my own money. ...
But so what? Right now the government has intimate knowledge of your finances through tax records and other sources, and has the power to put liens on your property and your cash for all kinds of reasons.
This overstates the knowledge the government has of our finances. Much as I oppose the IRS in so many ways, they are basically clueless about a whole raft of transactions. The tax laws stipulate that incomes be reported, but not what money is spent for, not to whom monies are paid (unless one is an employer or a few other described situations), etc. As to the future, I agree that there will be more consolidation and cross-linking of data bases--including some the IRS has no _statutory_ access to (e.g., credit reporting , databases, absent a court order, though apparently the CRAs are malleable). By combining tax records, bank records, local property tax records, credit card records, travel records (airlines, etc.), and so on, a much more complete "citizen-unit tracking" data base can be built. This is something most of us are fighting, in various ways, not something we should accept as par for the course when contemplating GAK. My view on GAK is quite simple: let those who wish to escrow their keys do so. Let those who don't wish to keep their own keys and use crypto algorithms of any strength they desire.
Assuming certain models of key escrow, yes. Under other models, no. But imagine the worst case -- GAK creates a huge unwieldy expensive computerized infrastructure and associated bureacracy. What happens? Businesses find other ways to protect their data and transactions, huge economic inefficiencies develop, and the whole thing collapses and goes away.
It's amazing how little faith libertarians have in the market system, isn't it? :-)
A cheap shot, even taking into account Kent Crispin's shilling for GAK. If a key escrow system is in fact purely voluntary, who cares? I, for one, don't. (Though I often look at "voluntary" systems with an eye toward what I call the "flag day scenario," where a legislative or executive-level "switch" is thrown and what was once voluntary becomes mandatory. I oppose government involvement in infrastructures which could too easily become mandatory.) As various business groups have been reporting (check the archives for many such mentions), there may be various needs for forms of "key deposit" and "key recovery," and corporations often already have them. Typically they involve data warehousing, keys deposited with company lawyers, etc. Many of us keep written descriptions of our cryptographic keys/passphrases in safe deposit boxes, or in sealed envelopes left in the care of friends or family. This is partly to protect against the "I forgot my passphrase" scenario, partly to allow reconstruction of files under various dire circumstances, etc. But these business groups have said clearly they don't want Big Brother holding a master key to their communications and files! And, as nearly all of us (_nearly_ all of us!) have pointed out, repeatedly, whatever the putative need for key recovery is within corporations, there is essentially no need for such a thing for *communications*! The only viable customer for a communications key is someone who has intercepted the communication! Neither the sender, who has the files on his local disk, possibly cryptographically protected under a key that the corporation wants a key recovery program for, nor the receiver, who has the plaintext, or who stores the received file in the same way, are customers for a GAK system that involves the communications channel. So, will government please drop all consideration of "key recovery" for _communications_? (I rather doubt this.)
Governments have devalued currencies many many times in the past without the need of key escrow...key escrow is an independent issue.
Sure, but one of the potential advantages of strong crypto is the oft-discussed "denationalization of money." Leading bankers are beginning to see the light on this. (See, for example, the cover story in "Wired" several months ago, where the blurb was about Walter Wriston "sounding like a cypherpunk.") --Tim May There's something wrong when I'm a felon under an increasing number of laws. Only one response to the key grabbers is warranted: "Death to Tyrants!" ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^1398269 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."
On Sat, Jun 28, 1997 at 11:13:17AM -0700, Tim May wrote:
At 10:11 AM -0700 6/28/97, Kent Crispin wrote:
So how is that different than the current situation without cryptography? If people couldn't live with key escrow, how can they live with the current situation? Answer: they live with the current situation because the government abuses you describe are kept below the revolution threshold. The same would be the case with key escrow.
Not intending to squelch the thread by invocation of Godwin's Law, but how does Nazi Germany fit into this model?
?How does Nazi Germany fit into any model?
In case this isn't clear, the concern is that a GAK system is very dangerous should a Nazi-like regime develop (or even should a J. Edgar Hoover and/or Craig Livingstone regime develop). While regimes of the past few decades _may_ not be abusive in this way (apologies to Reagan, Bush, and Clinton haters out there), the deployment of GAK would be a tempting target for future despots and satraps.
Thanks, but I'll keep my own records, my own crypto keys, and my own money.
Of course it would. So would current bank/brokerage/business records. So would your personal records (if they were interesting) and money (if there was enough of it). Certainly keys in a government TTP would be a easier target than some. But (since we are here) Nazi Germany is proof that there are plenty of other targets, perhaps not quite as juicy, but just as viable. And Nazi Germany is also proof that strong crypto really doesn't do much good when the rubber hoses can be deployed without hinderance. In fact, your safety and wealth depends in large measure on the protections provided by that government you scorn. In any healthy tyranny the jackboots would have been on your throat long ago, regardless of your little arsenal, and your money would be purchasing toys for the rulers.
But so what? Right now the government has intimate knowledge of your finances through tax records and other sources, and has the power to put liens on your property and your cash for all kinds of reasons.
This overstates the knowledge the government has of our finances.
Perhaps. It's a mere matter of degree, though -- the point is that the government already has power to compel reporting in many cases, and life goes on... [...]
My view on GAK is quite simple: let those who wish to escrow their keys do so. Let those who don't wish to keep their own keys and use crypto algorithms of any strength they desire.
Well, good. That's my view of it, also.
Assuming certain models of key escrow, yes. Under other models, no. But imagine the worst case -- GAK creates a huge unwieldy expensive computerized infrastructure and associated bureacracy. What happens? Businesses find other ways to protect their data and transactions, huge economic inefficiencies develop, and the whole thing collapses and goes away.
It's amazing how little faith libertarians have in the market system, isn't it? :-)
A cheap shot, even taking into account Kent Crispin's shilling for GAK.
Like shooting fish in a barrel, really. Anyway, you know that I don't favor GAK, so where are you coming from? All I have ever said is that there is strong corporate demand for enterprise level key recovery.
If a key escrow system is in fact purely voluntary, who cares? I, for one, don't.
(Though I often look at "voluntary" systems with an eye toward what I call the "flag day scenario," where a legislative or executive-level "switch" is thrown and what was once voluntary becomes mandatory. I oppose government involvement in infrastructures which could too easily become mandatory.)
That's the rub. You say "voluntary -- who cares", but fight tooth and nail when customer demand forces companies like PGP and TIS to implement some form of key recovery -- rather than face the facts, you claim it's all government pressure and brainwashing, and advocate employee sabotage of company products. Well, there certainly is government pressure, but there is *also* legitimate, informed, demand. [Your description of legitimate, informed, demand deleted]
And, as nearly all of us (_nearly_ all of us!) have pointed out, repeatedly, whatever the putative need for key recovery is within corporations, there is essentially no need for such a thing for *communications*! The only viable customer for a communications key is someone who has intercepted the communication!
Certainly. [...]
So, will government please drop all consideration of "key recovery" for _communications_?
(I rather doubt this.)
I rather doubt it, also. However, escrow of communications keys is, in my opinion, not only completely illegitimate, but idiotic from a technical point of view. So, I think this effort on the part of the gov will fail.
Governments have devalued currencies many many times in the past without the need of key escrow...key escrow is an independent issue.
Sure, but one of the potential advantages of strong crypto is the oft-discussed "denationalization of money." Leading bankers are beginning to see the light on this.
Some might see this as ultimate fascism...in the long run, putting the force monopoly purely under control of those with money. In any case, speculation.
(See, for example, the cover story in "Wired" several months ago, where the blurb was about Walter Wriston "sounding like a cypherpunk.")
I generally don't read "Wired". Geez -- I don't even have time to read the "archives"... :-) -- Kent Crispin "No reason to get excited", kent@songbird.com the thief he kindly spoke... PGP fingerprint: B1 8B 72 ED 55 21 5E 44 61 F4 58 0F 72 10 65 55 http://songbird.com/kent/pgp_key.html
juicy, but just as viable. And Nazi Germany is also proof that strong crypto really doesn't do much good when the rubber hoses can be deployed without hinderance.
Strong crypto you must remember is only part of the solution. The reason for the lack of direct response from the Jews during the holocaust was the "legally elected" 3rd Reichs programme of disarming it`s citizens. Strong crypto along with other communication technologies provide a strong and secure framework within which armed resistance can take place, these same technologies also allow for infowarfare type attacks on the infrastructure of whole countries or jurisdictions.
In fact, your safety and wealth depends in large measure on the protections provided by that government you scorn. In any healthy tyranny the jackboots would have been on your throat long ago, regardless of your little arsenal, and your money would be purchasing toys for the rulers.
Well, tax money already does purchase toys for the rulers and the jackboots are moving towards our throats slowly so no-one notices. Safety and wealth derive from free market economies and rights to self-defence, not from a government.
It's amazing how little faith libertarians have in the market system, isn't it? :-)
A cheap shot, even taking into account Kent Crispin's shilling for GAK.
Like shooting fish in a barrel, really. Anyway, you know that I don't favor GAK, so where are you coming from? All I have ever said is that there is strong corporate demand for enterprise level key recovery.
For once we agree, CACK (corporate access to corporate keys) is a service that is in demand, and will be more in demand in future. I see no reason for this to involve any government or be a regulated market, a competitive corporate escrow market is the best way to go. Datacomms Technologies data security Paul Bradley, Paul@fatmans.demon.co.uk Paul@crypto.uk.eu.org, Paul@cryptography.uk.eu.org Http://www.cryptography.home.ml.org/ Email for PGP public key, ID: FC76DA85 "Don`t forget to mount a scratch monkey"
The difference is that there are no borders on the internet. I can't move a physical storefront, nor an account at a local bank, but my virtual website and e-receipts can be 12 timezones and one hemisphere distant in a few minutes. Or even spread across 12 timezones and two hemispheres :). Just starting with strong crypto in the sense of things like PGP, add anonymous broadcast and M of N secret splitting and if the mind recovers from the mathematical boggle, the societal implications will be there to ponder. If money or ownership of property is data, it will be uncontrollable in a few years, if that. On Mon, 30 Jun 1997, Paul Bradley wrote:
juicy, but just as viable. And Nazi Germany is also proof that strong crypto really doesn't do much good when the rubber hoses can be deployed without hinderance.
Strong crypto you must remember is only part of the solution. The reason for the lack of direct response from the Jews during the holocaust was the "legally elected" 3rd Reichs programme of disarming it`s citizens.
Strong crypto along with other communication technologies provide a strong and secure framework within which armed resistance can take place, these same technologies also allow for infowarfare type attacks on the infrastructure of whole countries or jurisdictions.
In fact, your safety and wealth depends in large measure on the protections provided by that government you scorn. In any healthy tyranny the jackboots would have been on your throat long ago, regardless of your little arsenal, and your money would be purchasing toys for the rulers.
Well, tax money already does purchase toys for the rulers and the jackboots are moving towards our throats slowly so no-one notices. Safety and wealth derive from free market economies and rights to self-defence, not from a government.
On Mon, Jun 30, 1997 at 04:25:17PM +0000, Paul Bradley wrote:
juicy, but just as viable. And Nazi Germany is also proof that strong crypto really doesn't do much good when the rubber hoses can be deployed without hinderance.
Strong crypto you must remember is only part of the solution. The reason for the lack of direct response from the Jews during the holocaust was the "legally elected" 3rd Reichs programme of disarming it`s citizens.
In "the real world" (tm by Kent Crispin), Paul, there isn`t anything that has a single cause, and chains of causality twist, entertwine, and extend backward indefinitely. The lack of a "direct response" -- well, you should be able to think of thirty reasons before breakfast, if you try. [...]
It's amazing how little faith libertarians have in the market system, isn't it? :-)
A cheap shot, even taking into account Kent Crispin's shilling for GAK.
Like shooting fish in a barrel, really. Anyway, you know that I don't favor GAK, so where are you coming from? All I have ever said is that there is strong corporate demand for enterprise level key recovery.
For once we agree, CACK (corporate access to corporate keys) is a service that is in demand, and will be more in demand in future. I see no reason for this to involve any government or be a regulated market, a competitive corporate escrow market is the best way to go.
Key recovery, of course, involves a very wide range of possible implementations, escrow services being only one. My gripe has been that cypherpunks (this is an overgeneralization, to be sure) are so averse to key recovery in any form that good systems are simply not being developed. Thus there isn't a healthy, competitive market, and thus, government and corporate interests are taking the field, by default. This is a crying shame. Key management is one of the basic problems of cryptography -- arguably the most important outstanding problem for any practical system today. As crypto spreads into the collective consciousness people will likely have many keys. Dedicated souls can keep track of several infrequently used passphrases, but for most of us it just doesn't work. -- Kent Crispin "No reason to get excited", kent@songbird.com the thief he kindly spoke... PGP fingerprint: B1 8B 72 ED 55 21 5E 44 61 F4 58 0F 72 10 65 55 http://songbird.com/kent/pgp_key.html
Without taking a position on the rest of the following post, I should say that it's the conservative thinktanks and grassroots groups that are leading the opposition to all administration proposals and are taking a crypto-absolutist stance. -Declan Sure, libertarian groups are just as good or better, but there are fewer of them. (Cato -still- hasn't come out with their crypto policy analysis even after they've been working on it for half a year. At least their privacy paper should be coming out soon. And CEI doesn't have the staff to devote someone to this issue.) They've done a few conferences and such, but they're limited by numbers. On Sun, 22 Jun 1997 geeman@best.com wrote:
massive investments being made by Industry in the conservative thinktanks who produce the intellectual fodder-de-jour that supports the position of this elite, and overwhelm the likes of McCain and Kerrey with impossible-for-the-legislature-to-understand managed
participants (9)
-
Alan -
Declan McCullagh -
geeman@best.com -
Kent Crispin -
Paul Bradley -
Robert Hettinga -
snow -
Tim May -
tzeruch@ceddec.com