Government-Controlled Trust Hierarchies
Two recent threads have been:

* Government-controlled ID systems (National ID Card, is-a-person credentials, etc.)

* Software Key Escrow (SKE)

These two threads are intimately connected, I claim. We would do well to consider how they relate, given the recent revelations about plans for SKE by Microsoft, the already-existing (but mostly unused?) features in Apple's AOCE/System 7 Pro/etc. system, the proposal by Stephen Walker at TIS of an SKE system, and the press for a National ID card.

The "anarchic" model of the "web of trust" found in PGP is anathema to control freaks...sorry if this sounds like I'm grinding an ideological axe, but I don't feel I have to make posts to _this_ group sound like impartial, academic papers.

Someone discussing key escrow here recently said that one thing he'd want to see in any "voluntary" system is "proof of identity." Though many of us here dismissed his arguments as Detweileresque, in that Detweiler was always trashing pseudonymity (while being by far the most obvious user of it, ironically). But I think these arguments are common in some circles.

For example, to use the Apple Open Collaboration Environment (AOCE) stuff, one gets one's key by submitting to RSA a notarized statement of one's identity. I haven't done this, and have no intentions to ever do so, but I gather that one takes one's passport, birth certificate, etc., down to a Notary Public, she confirms that the person is indeed "Sue D. Nym," signs and stamps the AOCE or RSADSI form, and this is snail-mailed to RSADSI in Redwood Shores. Some days or weeks later, one's key arrives.

Sort of kills the idea of multiple keys for multiple purposes, of changing keys frequently, and of not going through such a process in the first place. Oh, and of course it costs money (the Notary for sure, and maybe RSADSI...though maybe Apple gives you a free coupon "Good for One Key Generation").

The Microsoft thing may be going down a similar track.
The Microsoft paralegal who confirmed to me yesterday (via Blanc Weber, who can attest to what I'm saying) that MS is indeed pursuing SKE claimed that this is primarily to meet export laws and will not apply, he claims, to U.S. users. (I'm confused. If it's _export_ laws, and not _import_ laws into Haiti, Iraq, France, or other police states who may insist on key escrow, then won't all U.S.-sold packages of "Chicago" have to have this SKE built in? Why should U.S. export laws care about what key escrow laws other countries have? Since when do we enforce other countries' laws at our borders?)
From everything I am seeing, SKE will be incorporated into some widely-used operating systems, notably, Microsoft's upcoming release of "Chicago," the successor to Windows 3.1. (Chicago is essentially Windows 4.0)
Who will write this? The SKE proposal described at the Karlsruhe workshop in international key escrow was authored by Stephen Walker and David Balenson of Trusted Information Systems. Matt Blaze's post yesterday discussed this in more detail.

I suggest we look very closely for connections between TIS and Microsoft, Apple, Novell, Sun, and any other major OS providers. I believe TIS is preparing an SKE system that involves the "proof of identity" notary system Apple and RSADSI are now using, that involves mandatory selection of escrow agents (*), and that will be widely deployed in upcoming future operating systems, probably in Chicago in 1995 and maybe in Apple's System 7.5 in '95 as well.

As Hal Finney notes, this will nuke the "web of trust" model, and will also make all systems in which keys need to be generated on an ad hoc, as needed basis very difficult or impossible to deploy--at least if the built-in systems of Chicago or System 7.5 are to be used.

(* A note of confusion. I don't see how the schemes described by Matt Blaze, Carl Ellison, and others here, in which groups of communicants agree on a mutual escrow agent can work. For example, suppose a bunch of say, "OK, we'll play your silly game. We'll use your software, but our "escrow agents" will be "cypherpunks.nil" and "bitbucket.void," both of which consign all incoming keys to oblivion. Whutja gonna do now?" This makes the escrow agents a charade, unless of course there are laws regulating escrow agents!)

In closing, it looks like the anarchic, distributed, web-of-trust stuff has been recognized as something governments need to quash. The first attack, Clipper, failed miserably, for various reasons. The second attack is much more insidious. Use various pressures on Microsoft (Gee, I wonder what _that_ could be?) to deploy a Beltway Bandit-developed (TIS, with inputs from Denning, NIST/NSA) system that is, happily, "freely exportable."
This satisfies Cantwell (so she drops her bill), this allows Clipper to be quietly killed, this allows Microsoft to free export Chicago, Daytona, and other such products, and this presumably keeps the national security state people happy.

Well, this is my scenario. It could be wrong in some details, but clearly something is brewing out there....too many pieces are matching up.

Vigilance!

--Tim May

--
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."
Timothy C. May says:
The Microsoft thing may be going down a similar track. The Microsoft paralegal who confirmed to me yesterday (via Blanc Weber, who can attest to what I'm saying) that MS is indeed pursuing SKE claimed that this is primarily to meet export laws and will not apply, he claims, to U.S. users.
By the way, just so everyone knows, I understand (based on a conversation with Steve Kent, who should be a reliable source for this) that Microsoft is one of the suppliers to the upcoming DMS, or defense messaging system. The DMS will be using Tessera -- it means that Microsoft and several other firms are going to be the largest purveyors of escrowed software in the world.

Perry
By the way, just so everyone knows, I understand (based on a conversation with Steve Kent, who should be a reliable source for this) that Microsoft is one of the suppliers to the upcoming DMS, or defense messaging system. The DMS will be using Tessera -- it means that Microsoft and several other firms are going to be the largest purveyors of escrowed software in the world.

Well, no, not actually; at least that's not the explanation that the various trade rags have been giving.

DMS is an infrastructure for passing messages around. The actual Tessera hardware does the escrowed encryption and so on. All the software has to do is know how to talk to the Tessera PCMCIA card.

One of the key features of DMS is that it uses as much commercial off-the-shelf (COTS) software as possible. To support Tessera, that COTS must either a) be purpose-built (like LJL/SESI's ArmorMail) to use Tessera, or b) have new versions planned for the future (Lotus Notes? MS Mail?)

It's interesting to note that the APIs needed to talk to a Tessera card and National Semi's RSA-only card are very close to one another. It would be IMHO not too hard to patch, say, MS Mail (especially with the availability of MAPI!) to use alternate types of tokens.

-Paul

--
Paul Robichaux, KD4JZG | "Information is the currency of democracy."
perobich@ingr.com      | - some old guy named Thomas Jefferson
Of course I don't speak for Intergraph.
From: tcmay@netcom.com (Timothy C. May)
Subject: Government-Controlled Trust Hierarchies
Date: Wed, 27 Jul 1994 11:44:13 -0700 (PDT)
(* A note of confusion. I don't see how the schemes described by Matt Blaze, Carl Ellison, and others here, in which groups of communicants agree on a mutual escrow agent can work. For example, suppose a bunch ^^^^ of say, "OK, we'll play your silly game. We'll use your software, but our "escrow agents" will be "cypherpunks.nil" and "bitbucket.void," both of which consign all incoming keys to oblivion. Whutja gonna do now?" This makes the escrow agents a charade, unless of course there are laws regulating escrow agents!)
What means "work"?

If by this you mean "work to provide surveillance agents with citizens' keys" then of course it doesn't. Should that surprise you (that I would talk about a system which doesn't give the TLAs any access)?

If I have 3 escrow agents -- Alice, Bob and Carol -- and they're friends of mine in different parts of the country, don't know each other, ..., then when I forget a password for some encrypted file, I can take the ID# of that file (in its LEAF-equivalent) and send a request to each of my friends for key pieces for that ID #. I've achieved backup of my own encryption keys against failure of my memory. If there's data my survivors should have, I list the escrow agents for that data in my will. If there's data which should die with me, I don't escrow its key(s).

(I had used Curve Encrypt the other month and forgotten the password -- went a whole month before I remembered it. This isn't academic to me.)

To me, this works.

But don't let me dampen the inspection of SKE. Just having the machinery in place (as someone pointed out a day or two ago) makes it easier for the gov't to come along and demand to be the escrow agents:

"Why burden your friends with that duty? Why concern yourself with how to get to your keys. We'll keep them for you. We'll be on-line 24 hours a day, seven days a week. We'll be true *escrow* sites -- keeping keys which you can get to yourself. Of course, we'll also be law-abiding citizens (officers of the court?) and respond to any court orders. So should your friends, by the way, if you use them as escrow agents...."

:-(

The only real answer is (to me):

1. demand free export of public-domain crypto (anything published: RSA, DES, IDEA, FEAL, transposition, substitution, Hill, Vernam, etc., and any combination of those)

2. write good code (aimed at the naive user, with good Windows or Mac GUI) including strong crypto without gov't access to keys and sell it, share it or give it away.

3. make sure that the Congress acknowledges that private citizens have invented, distributed and used strong crypto (as strong as the military of the time) for 4000 years (cf., Kahn) and hasn't given keys to the gov't -- and shouldn't ever do so.

4. drive home the point (also cf. Kahn) that criminals have invented and used strong crypto in the past (hiring their own cryptographers) so that this is not a new danger and therefore doesn't need new drastic action.

- Carl
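
The self-chosen escrow arrangement described in the message above (three friends each holding a key piece, looked up by file ID), as an added example that is not part of the original post. The post does not say how the key is split; the XOR all-pieces-required split, the `EscrowAgent` class and the `file-0001` ID are assumptions made for illustration, and authenticating the person who asks for a piece is left out.

```python
import secrets
from functools import reduce


def xor_bytes(a: bytes, b: bytes) -> bytes:
    if len(a) != len(b):
        raise ValueError("length mismatch")
    return bytes(x ^ y for x, y in zip(a, b))


def split_key(key: bytes, n: int) -> list[bytes]:
    """Split key into n pieces. All n are required; any n-1 are random noise."""
    if n < 2:
        raise ValueError("need at least two agents")
    pieces = [secrets.token_bytes(len(key)) for _ in range(n - 1)]
    pieces.append(reduce(xor_bytes, pieces, key))  # key ^ p1 ^ ... ^ p(n-1)
    return pieces


def combine(pieces: list[bytes]) -> bytes:
    return reduce(xor_bytes, pieces)


class EscrowAgent:
    """Hypothetical agent: one friend storing key pieces indexed by file ID."""

    def __init__(self, name: str):
        self.name = name
        self._pieces: dict[str, bytes] = {}

    def deposit(self, file_id: str, piece: bytes) -> None:
        self._pieces[file_id] = piece

    def release(self, file_id: str) -> bytes:
        return self._pieces[file_id]  # KeyError: this key was never escrowed


def escrow(file_id: str, key: bytes, agents: list[EscrowAgent]) -> None:
    for agent, piece in zip(agents, split_key(key, len(agents))):
        agent.deposit(file_id, piece)


def recover(file_id: str, agents: list[EscrowAgent]) -> bytes:
    return combine([a.release(file_id) for a in agents])


def demo():
    agents = [EscrowAgent(n) for n in ("Alice", "Bob", "Carol")]
    key = secrets.token_bytes(32)  # constructed sample file key
    escrow("file-0001", key, agents)
    two_only = combine([a.release("file-0001") for a in agents[:2]])
    return key, recover("file-0001", agents), two_only
```

With this split, two agents pooling their pieces still hold only random bytes, and a file whose key was never deposited cannot be recovered from the agents at all.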
participants (4)
- Carl Ellison
- paul@poboy.b17c.ingr.com
- Perry E. Metzger
- tcmay@netcom.com