From: Colin Orion Chandler <orion@crl.com>
To: N/A
Message Hash: 20676ecd79bdaf21b9116a17fc01f38be123ec02b79cb16ed42343d51df2119d
Message ID: <Pine.3.87.9402141803.A28497-0100000@crl2.crl.com>
Reply To: <15722.pfarrell@netcom.com>
UTC Datetime: 1994-02-15 03:01:33 UTC
Raw Date: Mon, 14 Feb 94 19:01:33 PST
From: Colin Orion Chandler <orion@crl.com>
Date: Mon, 14 Feb 94 19:01:33 PST
Subject: Re: Actively Sabotaging Clipper and Capstone?
In-Reply-To: <15722.pfarrell@netcom.com>
Message-ID: <Pine.3.87.9402141803.A28497-0100000@crl2.crl.com>
MIME-Version: 1.0
Content-Type: text/plain
Hm... it seems to me, that if the government is going to have these keys,
it won't be too long before they are all posted to the net... considering
how good the .gov and .mil is at keeping secrets, we shouldn't woory :)
___________________________________________________________________________
|---===================================--| /\ | | \ |_ _\ \ / |
|---Colin Titus Orion Xavier Chandler----| \\ \ | | . | | > < |
|---===================================--| \ \\ / \__/ _|\_|___|_/\_\ |
| _____ | / \/ / / |
|/\ __ \ __ "What year is it?" | / / \//\ "If it's not a |
|\ \ \/\ \ _ __ /\_\ ___ ___ | \//\ / / Sun, it's not a |
| \ \ \ \ \/\`'__\/\ \ / __`\ /' _ `\ | / / /\ / computer." |
| \ \ \_\ \ \ \/ \ \ \/\ \L\ \/\ \/\ \ | / \\ \ .__ __ |
| \ \_____\ \_\ \ \_\ \____/\ \_\ \_\ | \ \\ |_. | | |\ | -| |
| \/_____/\/_/ \/_/\/___/ \/_/\/_/ | \/ __| I_| | \| __|/160|
+________________________________________+_______________________________+
| Colin Chandler |"It can only be accountable to *human* error."-HAL9000|
| (415) 388-8055 | orion@crl.com, wizard @ BayMOO (mud.crl.com 8888) |
|________________________________________________________________________|
On Mon, 14 Feb 1994, Pat Farrell wrote:
> Tim May posted to cypherpunks:
>
>
> > Hey, I've just been told in e-mail that my $200,000 figure for the
> > Clipper keys (a tape or compilation of the ones that are held in
> > escrow) is way too low, probably by two orders of magnitude.
> >
> > Maybe so, as having these keys could mean a lot.
> >
> > But my point is that nearly any such figure will represent an
> > incredible temptation. Such is the risk of any centralized system in
> > which a master key (or set of escrowed keys) unlocks such valuable
> > information.
>
>
> This is exactly the same argument that corrupts the PEM certification
> scheme. While hierarachical chains of command are reflexivly the first
> idea in any military or bureaucratic employee, the existance of a
> super-valuable "master certification certificate" that is valuable will
> directly make it extremely valuable. Anything of sufficient value will
> be compromised by someone willing to pay a sufficient value, break a
> kneecap, etc.
>
> Once a valuable, high level certificate is broken, then all decendant
> certificates are broken. The "web of trust" is the only workable solution.
>
> Pat
>
> Pat Farrell Grad Student pfarrell@gmu.edu
> Department of Computer Science George Mason University, Fairfax, VA
> Public key availble via finger #include <standard.disclaimer>
>
Return to February 1994
Return to ““Pat Farrell” <pfarrell@netcom.com>”