I have FOIA'd the Clipper Key Escrow databases

smb at research.att.com smb at research.att.com
Sun Feb 27 17:24:16 PST 1994


	 Also, giving classified information to unauthorized people is a major
	 offense.  They threatened me with that offense one time, over texts
	 that I found in a library.  If the keys in the database are
	 classified, they can't give them out to cops.  FOIA requires that they
	 "segregate" any classified part and give me the rest of what's there,
	 so if they claim that "well, one key isn't classified, but ten or a
	 thousand of them are classified", I bet we can (1) get some keys out,
	 (2) challenge this idea in court.  In particular, it should be
	 possible to record the LEAF from a particular chip (whether you own
	 it, or not!) and send it to them in a FOIA request asking for the
	 matching unit key.  They clearly can map a LEAF to a key (they do it
	 for cops), and FOIA only requires that you "reasonably describe" the
	 records you want.  Given their mapping capability, the LEAF is a
	 reasonable description of the record you want.

Good strategy.  I still wonder if the decrypted keys are (all) classified,
while the encrypted ones aren't.  After all, the local cops' magic decoder
boxes can strip off that layer of encryption (as, of course, anyone
who steals one of those boxes or bribes a local cop).

Anyway, I hope the idea works, or at least drives them a bit crazy...






More information about the cypherpunks-legacy mailing list