From: Mike Godwin <mnemonic@eff.org>
Date: Tue, 27 Apr 93 13:28:41 PDT
To: tcmay@netcom.com (Timothy C. May)
Subject: Re: MEETING SUMMARY: 4-24-93 Cypherpunks Meeting
In-Reply-To: <9304261909.AA29562@netcom.netcom.com>
Message-ID: <199304272028.AA19664@eff.org>
MIME-Version: 1.0
Content-Type: text/plain



Tim writes in the summary of Saturday's meeting:
 
> Jim Bidzos, President of RSA Data Security, intended to just speak briefly
> about the Clipper Chip, Capstone, and the view of RSA, but ended up staying
> and participating for several hours. Mike Godwin, of EFF, was present at
> the Boston (I think) site.

Definitely at the Boston (Cambridge) site.

> It appears the Clipper/Capstone program is initially intended to "buy
> market share" as quickly as possible, with government offices requiring
> Clipperphones (and probably for those they do business with). Perhaps the
> intent is undercut competing models and make Clipper the de facto standard,
> which can then be made the de jure standard.
 
I am very sceptical that the "market share" strategy is the whole strategy
here. I think that while some proponents of Clipper may believe this is
the strategy, DOJ hopes that widespread adoption of Clipper will mute
any opposition to subsequent limitations on other encryption methods.

> John Gilmore has already posted to the list the results of our
> brainstorming session to come up with questions to ask the FBI, NIST, NSA,
> Congress, and the Administration. Mike Godwin argued that a lot of
> embarrassing questions could quickly derail the plan.

Let me clarify: I argued that asking tough questions could either force to
the government to reveal its hand or pin the government down to a
statement it would later have to admit was false.

> That is, it's conceivable this plan could begin to unravel fairly soon. 
 
We can only hope.

> Whit Diffie described how the failure could either so greatly
> embarrass the Administration that they'd be loathe to try it again (the
> Viet Nam Syndrome, applied to crypto) or that it could provoke them to
> tighten restrictions even further, perhaps even to the point of an outright
> ban on the use of unapproved encryption at *any* level.

I believe this is precisely the reason we want to make powerful encryption
ubiquitous as soon as possible. And doing this is one of the reasons I
mentioned my hope for an eventual rapprochment between Jim Bidzos and 
Phil Zimmerman. Regardless of past disagreements, these two have a common
cause now, and we should strive to find a way to quell further public
disagreement and resolve as many differences as possible.

> * Since Jim Bidzos was there, the topic of PGP naturally came up several
> times. Eric Hughes let this run for a while, then moved the discussion back
> to Clipper. Jim Bidzos clearly had some strong opinions, but also did not
> want this to be the forum for debating patents and the legality and ethics
> of PGP.

Another clarification: in response to a comment I made at the meeting,
Jim spoke at length about the validity of the RSA patent and about the
validity of his company's procedures. I want Jim and others to understand
that what I'm saying here should not be interpreted as an attack on Jim's
business strategy. I know that Jim is so used to being criticized about
the patent that he has standard responses to those criticisms, but I hope
it's clear that I wasn't criticizing him.

> Some of us continue to hope some accommodation can be reached between RSA
> Data and the PGP community. The upcoming battle over strong crypto is a
> bigger issue than this squabble.

Yes, yes, yes.



--Mike