PGP Employee on MKR

mark at unicorn.com mark at unicorn.com
Fri Oct 24 09:57:52 PDT 1997




>Gee, Mark, I thought it was the SMTP filter that did the enforcing. 
>Maybe if PGP didn't call it "CMR" but instead called it something 
>neutral like the "key link field".

Duh, without the 'mandatory voluntary' encryption to multiple keys, the
enforcer couldn't work. Sure, the Feds could say 'encrypt to the FBI key
or else', but users wouldn't be able to do so automatically without 
getting scripts to do so and the revolt would be too large for even the
FBI to handle. It must be done automatically in the software, or it won't
work.

>Let's see, your scenario involves putting super sniffers at strategic
>positions throughout the net, and passing laws that not only supports
>this, but makes it illegal to go around them. I suggest that if such
>laws are passed PGP's software is the least of your problems.

How is this significantly different from mandatory wiretap access laws
which already exist? Since it only requires action on the part of
Internet providers, it's not going to raise the kind of outcry that
other more widespread laws would create.

>To make it plain, Mark, I "explain it away" this way: fundametally, 
>your scenario assumes what it is trying to prove -- you assume that 
>incredibly draconian laws are in place, 

Incredibly draconian? In what sense? Having to set a bit in your generated
PGP keys? It certainly would be draconian if the FBI passed such a law
today and required everyone to dump their software in favor of new, 
GMR-enabled software, but all new copies of PGP are already GMR-enabled. 
In fact, the FBI could probably stage a public relations coup by giving
away free copies of PGP to anyone who asked.

Draconian would be coming around to your house and taking your keys by
force. Draconian is not merely enabling an option which your software
currently supports. The whole point of not wanting PGP to ship this
system is that it would allow the FBI to snoop *without* truly draconian
laws. Without the current CMR system the FBI would have to force everyone
to change to new software; deployment wins.

As I said, 'don't worry, it won't happen, be happy'. Nothing new.

    Mark







More information about the cypherpunks-legacy mailing list