Declan McCullagh and Gilmore have already provided a brief summary of the doc, here are a few thoughts I sent to some others last night: - the meat is in the footnotes. - buzzword compliance: key recovery and Key Management Infrastructure (KMI). - intro: market forces and government/industry cooperation. - key bullet points: o Certificate authorities will operate within performance standards set by legislation o Agreements between governments will serve as the basis for international cross certification. o Self-escrow will be permitted under specific circumstances. [1] [1] The escrow agency must meet performance requirements for law enforcement access. - Denning's CACM survey key escrow article and Hoffman's "Building in Big Brother" are cited. - A lot of talk about "mutually trusted CAs" A footnote [4] "A mutually trusted authority is an escrow agent trusted by users to store keys and trusted by law enforcement to provide access upon certification of lawful authority." One has freedom to choose any CA, as long as the mutual trust exists. - At the international level "Law enforcement and some national security concerns would be protected since government agencies would be able to obtain escrowed key pursuant to government-to-government agreements." - Products can be exported to countries with these agreements. - Self escrow: "To avoid this risk [of investigations being compromised], independent escrow authorities could be added as another layer. Such a solution would drive up the cost to operate the PKI and drive down the efficiency of conducting public key certification functions, particularly for individual users." [Ok, so independent CAs are "bad" things"] "The solution may be a national policy which allows CAs for an organization to be escrow authorities if they can reliably turn over keys in a timely fashion when requested and to protect the confidentiality of any request for escrowed key. To this end, the government should seek legislation that would shield organization certificate authorities from internal pressures in the course of law enforcement investigations." [A "good" thing?] - provisions for legislation on civil or criminal liability on the commercial/private side. - gives requirements for KMI: key integrity, key accessibility, key recovery with respect to confidentiality, availability and responsiveness (24 hours) requirements. So Clipper III is a bit meaner and leaner. If Clipper I would have sunk because of sheer clumsiness, a sleeker ship carrying the same load will now be developed by the free market. The load is the assumption that citizens can be "compelled in any criminal case to be a witness against himself." _______________________ Regards, We could never learn to be brave and patient, if there were only joy in the world. -Helen Keller Joseph Reagle http://farnsworth.mit.edu/~reagle/home.html reagle@mit.edu E0 D5 B2 05 B6 12 DA 65 BE 4D E3 C1 6A 66 25 4E