From: Carl Ellison <cme@tis.com>
To: tcmay@netcom.com
Message Hash: ce5ba93ddcf14c5a0c177fad5d66cfc839507e030b55ac1f21b23239ba7e4bc3
Message ID: <9408091823.AA26987@tis.com>
Reply To: <199408091752.KAA25070@netcom8.netcom.com>
UTC Datetime: 1994-08-09 18:24:40 UTC
Raw Date: Tue, 9 Aug 94 11:24:40 PDT
From: Carl Ellison <cme@tis.com>
Date: Tue, 9 Aug 94 11:24:40 PDT
To: tcmay@netcom.com
Subject: Re: GAK & RSA
In-Reply-To: <199408091752.KAA25070@netcom8.netcom.com>
Message-ID: <9408091823.AA26987@tis.com>
MIME-Version: 1.0
Content-Type: text/plain
From: tcmay@netcom.com (Timothy C. May)
Date: Tue, 9 Aug 1994 10:52:48 -0700 (PDT)
I don't see the "Skipjack is weak" argument as ever having been
persuasive.
[...]
What scares me is the incorporation of the SKE or GAK into products.
Not that RSA may offer an even stronger system.
It's the principle.
exactly ..
This entire debate was sidetracked with a flurry of non-essentials. Who
cares if Skipjack has a weakness? Who cares that it's classified? I don't
need anything stronger than RSA and triple-DES, so Skipjack doesn't mean
anything to me. However, it formed a kernel of controversy to distract a
bunch of reporters and people posting to USENET.
The only issue, as far as I'm concerned, is that in 4000 years of history
of crypto (as documented by Kahn), private citizens have always had strong
crypto and have kept their keys to themselves and there's no reason to
believe the gov't should have the right, now or ever, to these keys. To
me, the *only* issue is GAK. All the rest is moot...stuff to distract the
critics and get them arguing among themselves (or with DERD and
Sternlight).
- Carl
Return to August 1994
Return to “tcmay@netcom.com (Timothy C. May)”