From: Black Unicorn <unicorn@access.digex.net>
Date: Tue, 22 Mar 94 15:02:24 PST
To: cypherpunks@toad.com
Subject: DT'94 and Clipper: effect on manufactures (FWD)
Message-ID: <199403222302.AA02476@access1.digex.net>
MIME-Version: 1.0
Content-Type: text/plain


I thought I would forward this as it seemed to relate.
Also 'cause I'm the author.
:)

->


Newsgroups: comp.org.eff.talk,alt.privacy.clipper,talk.politics.crypto
Subject: Re: Janet Reno on Clipper
Summary: 
Expires: 
References: <strnlghtCMxE5n.5qw@netcom.com> <2mi265$4a6@access3.digex.net> <strnlghtCMzA43.E93@netcom.com> <6woWZxj024n@sktb.demon.co.uk>
Sender: 
Followup-To: 
Distribution: inet
Organization: Express Access Online Communications, Greenbelt, MD USA
Keywords: 
Cc: 

In article <6woWZxj024n@sktb.demon.co.uk>,
Paul L. Allen <pla@sktb.demon.co.uk> wrote:
>In article <strnlghtCMzA43.E93@netcom.com>
>    strnlght@netcom.com (David Sternlight) writes:
>
>> Then Brad's fear is unfounded since those equipment manufacturers who aren't
>> common carriers can sell crypto without a back door.
>
>If this is the case then such equipment will no doubt end up with a sticker
>saying that it is illegal to use it on a line supplied by a common carrier
>and that doing so may result in a fine or imprisonment.

No.

The bill in its draft from provides that common carriers who do not 
provide the encryption device are exempt.  The meaning on its face is 
that common carriers are gaining some immunity to sanctions if they did 
not provide the customer with the encryption he or she is using and 
instead provide a means for the government to compell the common carrier 
to produce in the clear that which they caused to be encrypted.

This is a simplification, look at the bill for the full details.

The practical effect the bills has is to impose on common carriers that 
manufacture encryption devices, a duty to provide to the government those 
conversations which are made with said devices over their lines.

For example:
If AT&T manufactures some encryption device, and I use it over AT&T 
lines, one reading of the bill would suggest that AT&T is now RESPONSIBLE 
for decrypting this if the government should request it.

The definition is not limited to common carriers either.
PCS manufactures are also covered.

This definition argueably includes:

Motorola
Apple (If they provide cellular support for Newton)
Cannon
and perhaps anyone who manufactures cellular phones.

If this is the case, all these companies are bound by the terms of DT'94 
and subject to its fines and sancations as well.

The net result is to discourage and make very DANGEROUS the manufacutre 
of encryption devices if you fall into this category.

HEREIN LIES THE IMPORTANT POINT: THE CONNECTION TO THE CLIPPER PROPOSAL AND 
THE ASSERTION WHICH MR. STERNLIGHT WILL JUMP UPON WITH VIGOR.

The real target of this legislation is the large telecomunications 
MANUFACTURES like AT&T.

It is now very dangerous to manufacture encryption devices and still 
remain a common carrier.
Most of the large companies that would like to jump into the market for 
encryption devices are also probably going to fall into the common 
carrier definition or the PCS manufacture definition.

If you subscribe to Mr. Sternlight's views, you would argue that this is 
really voluntary and that no one is forcing the companies not to 
manufacture these products, indeed they are free to manufacture them and 
pay the crippling $10,000/day non-compliance sanction and endure service
injunctions.

After you remove the large companies from contention, all that is left is 
the small companies that don't fall into common carrier definitions and 
are not PCS manufactures.  

So the government introduces an exception.

If you manufacture an encryption device with Clipper, the government 
(Mytronics) has manufactured the chips, and provided the keys.  Since 
they provided the keys, the 3rd party manufacturer is exempt from the 
DT'94 regulations for decryption duty.

The only companies left manufacturing non-clipper devices are the small 
fries that cannot hope to compete in a government subsidized and flooded 
market.

If this does not fit the definition of regulation, I simply refuse to 
argue the point with my opponents any longer as they are clearly 
resorting to arguement by symantics.

Even now the subtle cleverness with which the parts come together and form a 
powerful whole scares me.  The fact that this legislation does not appear 
to be regulation on its face deserves a great deal of credit.

Too nicely integrated to be accidental in my view.

Very cunning Janet et al, very cunning.

 >
>At least that's how this sort of thing is handled in the UK - connecting
>a modem which doesn't carry BABT approval to a BT line is a *criminal*
>offence.  That's just a modem - imagine what they would do with an unapproved
>crypto device.

I'm waiting for encryption devices to be included in the definition of 
personal communications system and covered outright by DT'94


>Your stance on Clipper has long since lost all semblance of credibility.  Why
>not admit it and stop cluttering up the group?
>
>--Paul
>


Mr. Sternlight serves an important function on the net.
I rarely agree with him, or his style of arguement, but he has never 
resorted to personal attack in his discussions with me and for this he 
deserves at least some respect.

I cannot speak for others he might have offended.

-uni- (Dark)