From: merriman@metronet.com (David K. Merriman)
Date: Wed, 27 Jul 94 17:54:27 PDT
To: enews@microsoft.nwnet.com
Subject: No Subject
Message-ID: <199407280056.AA22049@metronet.com>
MIME-Version: 1.0
Content-Type: text/plain


It has been brought up on the Cypherpunks mailing list that Microsoft is 
proposing to include public-key escrow as a *built-in* "function" of future 
products - Chicago and Daytona have been specifically mentioned.

Is this, in fact, correct?  If so, what constraints or limitations are there 
on it?  Is it an optional capability, and if so, what means are there for 
disabling (or better still, completely removing) it?  What organization(s) 
does Microsoft propose to use as the escrow agent(s) if such public-key 
escrow is implemented?  What would be the system used (RIPEM, RSA, etc)?  If 
not an existing algorithm, would the algorithm(s) be made public?  What 
would be the key size of any such algorithm?

I would appreciate any and all information you could provide regarding this 
_very_ serious matter.

Please note that this message has also been sent to the Cypherpunks mailing 
list; I am quite sure that the subscribers there would be most interested in 
your answers (or failure to answer).  I will also take the liberty of 
forwarding an unedited copy of your response to this message to the 
Cypherpunks mailing list.

David K. Merriman
merriman@metronet.com
Finger merriman@metronet.com for PGP2.6ui/RIPEM public keys/fingerprints.