From: Carl Ellison <cme@tis.com>
To: jrochkin@cs.oberlin.edu
Message Hash: dfea761d9c0c2b3e7abe9a9ed3d276a1dcc2aead60d3c3c5d0d849ce45a309a2
Message ID: <9407212121.AA12961@tis.com>
Reply To: <199407211854.OAA20322@cs.oberlin.edu>
UTC Datetime: 1994-07-21 21:21:37 UTC
Raw Date: Thu, 21 Jul 94 14:21:37 PDT
From: Carl Ellison <cme@tis.com>
Date: Thu, 21 Jul 94 14:21:37 PDT
To: jrochkin@cs.oberlin.edu
Subject: Re: Clipper Chip Retreat
In-Reply-To: <199407211854.OAA20322@cs.oberlin.edu>
Message-ID: <9407212121.AA12961@tis.com>
MIME-Version: 1.0
Content-Type: text/plain
>Date: Thu, 21 Jul 1994 14:54:22 -0400
>From: Jonathan Rochkind <jrochkin@cs.oberlin.edu>
>Subject: Clipper Chip Retreat
>It's still a bad idea, but a public-domain
>algorithm clipper with non-governmental escrow agents isn't quite as
>obvously insane and inane as the previous clipper.
Sorry, but the major Clipper flaw to me (and at least one corporate
executive with whom I've discussed this) *is* the very idea of key escrow.
My previous company used to sell computers to banks and funds transfer
agents. A skeleton key to the crypto they used would be worth enough money
to warrant an expensive attack -- and the vulnerable place to attack is the
escrow databases.
Of course they could fix this vulnerability. They could use the NSA HQ and
maybe Fort Knox as the escrow sites. That would make us all more
comfortable with the scheme, wouldn't it?
- Carl
Return to July 1994
Return to “m5@vail.tivoli.com (Mike McNally)”