From: Jeff Weinstein <jsw@netscape.com>
To: cypherpunks@toad.com
Message Hash: 4ab13fd06a84434cf1fff41dc3539f70574fc349821d92fd150ceca02261e985
Message ID: <30BD716E.5F69@netscape.com>
Reply To: <199511300644.WAA02011@infinity.c2.org>
UTC Datetime: 1995-11-30 09:00:08 UTC
Raw Date: Thu, 30 Nov 95 01:00:08 PST
From: Jeff Weinstein <jsw@netscape.com>
Date: Thu, 30 Nov 95 01:00:08 PST
To: cypherpunks@toad.com
Subject: Re: Netscape gives in to key escrow
In-Reply-To: <199511300644.WAA02011@infinity.c2.org>
Message-ID: <30BD716E.5F69@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain
sameer wrote:
>
> http://www.cnet.com/Central/News/govt.html
>
> Bad. Very Bad. And I was almost starting to like Netscape.
Please don't give up on us yet. All press accounts I've read so far
have lots of stuff attributed to Jim, but very little of it is actual
quotes. There appears to be lots of paraphrasing and interpretation
being done on the part of the reporters. The impression that I'm
getting is that the press has blown a couple of small sound bites
way out of proportion. The infoworld article that covers the same
speech only devotes about 20% of the article to the key escrow topic,
and is similarly devoid of actual quotes.
I have not spoken to Jim about this, and I did not hear the talk
myself, so I'm mostly reading between the lines here. After I saw the
story earlier today I started asking around to see if the company
had made any major policy shift in the direction of GAK, and wasn't
able to turn up anything. If anything its the opposite.
My feelings about key escrow, which were echo'd by several folks
in management when I spoke to them today are:
o Government mandated escrow would be a bad thing
o There are some settings where escrow is good, in the corporate
setting, or as a matter of person choice(to protect against
loss of password)
o The whole issue of escrow should be de-coupled from the
export issue
I don't want to go down in history as a facilitator of the totalitarian
state, and I don't think anyone else here does either. I hope folks
wait for press releases, product announcements, etc. before condemning us
too much. Jim has made comments in the past that were quoted out of
context, and blown way out of proportion to the point that some people
believed that we were monitoring our user's every keystroke and sending
it all back to the home office to generate huge demographic databases.
I suspect that this is the same sort of thing, and I hope everyone will
judge us by what we do.
--Jeff
PS - you won't find a LEF in the soon to be released SSL Version 3 spec...
--
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.
Return to December 1995
Return to “Sten Drescher <dreschs@mpd.tandem.com>”