Re: Why is cryptoanarchy irreversible?
At 12:58 AM 11/8/1996, stewarts@ix.netcom.com wrote:
Strong vs. weak crypto isn't the real issue - for most business use, weak crypto is obviously unacceptable, but strong crypto with GAK is ok as long as it doesn't interfere with use (and as long as the government bureaucrats don't sell too many keys.)
To which, at 09:02 AM 11/8/96 -0800, Peter Hendrickson wrote:
We often say that the government is a security weak point and that this makes GAK impractical. However, this is not true. If the holders of the government keys were individually responsible for their release, they would not be released very often. That is, in order to use cryptography you must purchase an expensive encryption license. That pays the salary of a certified "key escrow agent" who is the only person who can decrypt your messages. What stops him from revealing your keys to unauthorized parties? It's his business. If that's not enough, you back it up with criminal penalties for disclosure. And, hiring this person is no different from hiring an employee for your company.
There are already similar activities. Lawyers are nominally employees of the state. Employees of Swiss banks can go to jail for violating their secrecy laws.
Then there is the meat-packing inspectors, I don't know if this should give piece of mind or instill new fear. The inspectors were put in there because the meat was rancid, the thing is, some of it still is if you listen to the critics. A partial fix at least.
At 12:58 AM 11/8/1996, stewarts@ix.netcom.com wrote:
The government might be able to stop new Netscape versions from using strong crypto - threatening to confiscate the company's ill-gotten gains from aiding and abetting money launderers might help, and threatening to confiscate PCs that use unapproved crypto. But it's tough to use a widespread threat like that on popular software once it's out there.
To which, at 09:02 AM 11/8/96 -0800, Peter Hendrickson wrote:
I agree, if the software is popular. But, if the fears of the GAKers and the dreams of certain cypherpunks are real, such software will not be popular.
Another point is, if the government attacks Netscape for their strong crypto(which is pretty hard to get, I'm in Oklahoma and I couldn't get it because some server didn't know for sure that my server was in the United States or Canada), someone will probabally make an in-line plug-in for encrypted data, and this plug-in may affect more of the browser than the existing system, making it more dangerous to the governments schemes. Anyone know where the data is stored on how to write for Netscape?
The address you mailed to is no longer valid. This is probably because the user in question was an old Open Net subscriber. Open Net is NO LONGER an ISP, and has not been since May 1996. We have no redirection address for that user. Please remove them from any mailing lists you might have. This response was generated automatically.
participants (2)
-
Open Net Postmaster -
Sean Roach