New Clinton Administration Ping Policy

Wed Jul 31 18:25:09 PDT 1996

Press release:

CLINTON ADMINISTRATION FACT SHEET: U.S. PING POLICY
(Industry, international cooperation urged)

WASHINGTON -- Because advanced network technology is posing serious
national security threats to computer systems in the financial
industry and other critical sectors of the economy, the Clinton
administration is pressing for a global system for identifying the
source of the network threat when necessary.

An July 30 fact sheet from the U.S. Department of Commerce elaborates
the administration approach, called ping recovery escrow.

While the United States sets no limit on the level of number of pings
that networked systems may send within local area networks, it does
restrict exports of ping packets outside LANs.  The administration
says it might relax those export controls if U.S. industry cooperates
on building a ping recovery infrastructure.

Following is the text of the fact sheet:

(begin text)

U.S. Cryptography Policy:  Why We Are Taking the Current Approach

We live in an age of electronic information.  Network technology is
transforming society, creating new businesses, new jobs and new
careers.  The technology also creates new opportunities for network-
enabled systems in critical sectors of the economy such as financial,
military, or government systems.  As a result, these systems are
extremely vulnerable to anonymous security breaches via standard
Internet connections.

The United States is the world leader in networking technology.  U.S.
firms continue to dominate the U.S. and global information systems
market.  Retaining this leadership is important to our economic
security.  The Clinton administration, through its National
Information Infrastructure initiative, has long recognized that
government has an important role as a facilitator and catalyst for
the industry-led transformation of the way we use computer and
communications technology to work and live.

In particular, government has a strong interest in promoting the
legitimate use of robust ping technology to support U.S. international
competitiveness, foster global electronic commerce, prevent computer
crime, and ensure that the information superhighway is a safe place to
conduct one's business.  At the same time, there is a growing
recognition, affirmed most recently by Congressional studies of network
security that computers everywhere are being attacked via the global
Internet.

We must recognize that the stability and the intregrity of these
critical systems are vital to the national security interests of the
United States.

The importance of the U.S. information technology industry, the security
stakes, and increasing congressional interest make it clear that there
is an urgent need for clear policy and direction.   The administration's
proposed approach is broadly consistent with industry suggestions.  We
believe the right balance must be struck between network technology and
national security.

Effective immediately, the Department of State will transfer its export
control authority over ping technology to the Department of Commerce.
The procedures for one time review by the National Security Agency will
remain in place.  Controls on ping packets exports from local area
networks will be relaxed immediately to certain non-critical sectors of
the Internet, provided that packet lengths longer than 40 bits are
properly escrowed for law enforcement recovery.

We will continue discussions with industry, other members of the private
sector, the Congress,  and governments at all levels to arrive at a
solution that promotes a future of safe networking in a safe society.

(end text)

--------

Just can't wait until 4/1 for this one.

Ern