From: Brian Davis <bdavis@dg.thepoint.net>
Date: Fri, 13 Oct 95 07:39:35 PDT
To: Cypherpunks Mailing List <cypherpunks@toad.com>
Subject: Re: Judicial Access to Keys (Was: Re: Banque des Cypherpunks)
In-Reply-To: <199510120730.DAA01478@thor.cs.umass.edu>
Message-ID: <Pine.D-G.3.91.951013101859.5382B-100000@dg.thepoint.net>
MIME-Version: 1.0
Content-Type: text/plain


On Thu, 12 Oct 1995, Futplex wrote:

> Scott Brickner writes:
> > I don't rember if any key-splitting schemes currently allow it, but how
> > about this:  the escrow agencies would be the courts, requiring one
> > assent from each judge on the appeals chain.  As each judge rules
> > against the defendant or denies the appeal, he adds his piece of the
> > key to the ruling.  When you reach the top of the chain, then *and only
> > then* can you be traced.
> 
> JAK (Judicial Access to Keys) sounds as though it wouldn't give the LEAs a 
> chance to pre-emptively snoop on message traffic before prosecution, unlike
            ^^^^^^^^^^^^^                          ^^^^^^ 
> POTS wiretaps and Clipper. I don't see the govt. ever favoring such a
> scheme that doesn't help the LEAs to "gather" evidence to justify an
> indictment. They will probably skip JAK instead <ducking ;>....

I think that the bigger concern would be that a small set of judges at 
each level would be designated JAK judges (god forbid that they all have 
some idea of what the issues are ...).  Then LEA would be certain to 
present only the most egregious cases to them until they got in the habit 
of signing off on them.   Then, the marginal requests for access would 
slide through.  

I think Futplex insinuated that this would occur post charge rather than 
pre charge, to which LEA would never agree.  You can't indict without 
evidence (at least in theory :-)) and and if you're going to get blown 
out of the water as soon as the encrypted traffic is decrypted by the 
defendants for trial ...  well, let's just say it is better to lose early 
and quietly than later and in public.

All this said, and after much personal wailing and gnashing of teeth, I 
*personally* believe GAK/MKE/JAK etc. is unworkable and should be quietly 
dropped.  With so many ways around key escrow,  especially the 
existence of PGP, I think the horse has left the barn.  The issue won't 
be dropped, of course, at least in the short run.  I appreciate all the 
thoughtful replies to my "Cypherpunks Key Escrow" proposal, and will 
ignore the few that were, ahem, not so thoughtful.

I've been avoiding posting about this for weeks due to my own indecision, 
my workload, and a sprained wrist which makes typing an adventure, but 
when directed to "write an article for [a law enforcement magazine] that 
is pro-MKE," I had to reach a personal decision about this.  I am 
generally very open about what I think/believe etc. and have few secrets 
from my friends.   I get the impression that the majority of you have a 
different view about your personal life, but that's why Baskin-Robbins 
has 31 flavors, not one.

I also strongly believe that you gravely overestimate the threat of MKE, 
probably overestimate the interest LEAs have in your personal affairs, 
and have little idea how hard it is to get court approval for wiretaps, 
and presumably access to escrowed keys.  I did mention to my U.S. 
Attorney that the proposal that "other lawful authorities" [besides 
judges] could grant access to escrowed keys was especially bothersome.  
He took it well, and said that was a legitimate point (that I don't think 
will go anywhere).

Now understand that, as a lawyer, I get paid to say what my client (the 
USA) wants me to say, within certain bounds, so I will write the 
article.  My heart will not be in it, though. 

I would appreciate it if you wouldn't send this to Janet Reno or 
otherwise use it, with attribution, at least until I find a new job!  :-)
I stay in enough trouble here without this being circulated through the 
Department and placed in my personnel file.

Lest there be any doubt: I SPEAK ONLY FOR MYSELF on this issue.  The 
Department's and the Administration's* position has not changed to my 
knowledge (except as has previously been discussed in this forum).

*****


*Some of you like to blame the Clinton Administration for all of this.  
Be mindful that all this started in the Bush Administration or earlier.  
There's plenty of blame to go around.  I encourage the Cypherpunks 
anarchy to use its recent successes with Netscape, and soon with MS, 
together with its concommitant increase in credibility to educate the 
public and the politicians.

EBD

 
> -Futplex <futplex@pseudonym.com>
> 

Not a lawyer on the Net, although I play one in real life.
**********************************************************
Flame away! I get treated worse in person every day!!