puff pieces vs tough crypto issues (Re: Singapore TOILET ALERT)

Jonah Seiger jseiger at cdt.org
Wed Oct 22 11:24:11 PDT 1997



At 12:17 PM -0400 10/22/97, Declan McCullagh wrote:

>>From my perch in Washington, I see PGP 5.5/CMR as an existence proof that
>key recovery can be done. So far the crypto-advocates have been able to
>wave around the Blaze et al white paper that says we don't know how to do
>it. Even Dorothy Denning agreed. But now when a mandatory GAK bill goes to
>the House floor, all Rep. Solomon etc. have to do is wave around a
>shrinkwrapped copy of PGP and say: "I bought this for $19 at the Egghead
>shop at 21st and L." Details will be lost in the fearmongering.

While I suspect that new key recovery or CMR products may create some new
traction for supporters of mandatory GAK, PGP 5.5 is not the first example
of such a product (TIS has been marketing key recovery products for a
while).

More importantly though, the Blaze et al study
(http://www.crypto.com/key_study) did not say that key recovery/key escrow
systems can't be built.  It said that such systems designed to meet law
enforcement specifications (24/7 real time access, the infrastructure for
key exchanges, and security considerations necessary for such a system to
function) are beyond the scope of the field and would create significant
vulnerabilities in the network.

This is an important distinction.

So far, Soloman, the FBI, nor other mandatory GAK supporters have said that
PGP 5.5 or other key recovery products on the market today solve their
so-called 'problems'.  I don't really expect them to. They seem to want
much much more.

Jonah



* Value Your Privacy? The Government Doesn't.  Say 'No' to Key Escrow! *
            Adopt Your Legislator -  http://www.crypto.com/adopt

--
Jonah Seiger, Communications Director              (v) +1.202.637.9800
Center for Democracy and Technology              pager +1.202.859.2151
<jseiger at cdt.org>
                                                    PGP Key via finger
http://www.cdt.org
http://www.cdt.org/homes/jseiger












More information about the cypherpunks-legacy mailing list