From: tcmay@got.net (Timothy C. May)
To: cypherpunks@toad.com
Message Hash: dc166230082dba091324bfe2fa0ad6c8bb2ab416bd56621091993dd663568e35
Message ID: <ace76787260210043e19@[205.199.118.202]>
Reply To: N/A
UTC Datetime: 1995-12-03 22:58:03 UTC
Raw Date: Sun, 3 Dec 95 14:58:03 PST
From: tcmay@got.net (Timothy C. May)
Date: Sun, 3 Dec 95 14:58:03 PST
To: cypherpunks@toad.com
Subject: RE: Do the Right Thing
Message-ID: <ace76787260210043e19@[205.199.118.202]>
MIME-Version: 1.0
Content-Type: text/plain
At 9:09 PM 12/3/95, Pat Farrell wrote:
>I personally believe that this topic does not deserve the heat that it
>has generated on this list. This opinion could change. I'll have a much
>better idea Tuesday evening when I've had a chance to hear the latest from
>NIST on GAK for export.
Well, people discuss what they think is important. Those who don't think
this topic is important are of course not compelled to participate in the
debate.
>I think we need to save out fury for real statements about making
>non-GAK illegal for domestic use. If this starts to condense out
...
>I have no problem with Netscape having a GAK-ified browser in addition
>to a real one. At least as long as the GAK'd version is clearly identified
>-- a logo saying "big brother inside" covering 25% of the screen should
>do it for me.
These two points are what many of us are concerned about. Some may argue
"Wait until it's illegal, then protest," but I think the Cypherpunks list
has shown a particular strength in spotting "early warning signals" well in
advance of actual developments, thus enabling us to get our ducks in line
and hit the ground running (to mix some metaphors).
Is it too early to worry about outlawing of non-GAKked crypto? Hal Abelson
has this in the preliminary program for CFP '96, sent out today:
"Events planned for this year's conference include:
- Federal prosecutors square off against civil-liberties lawyers
in a Supreme Court test of the "Cryptography Control Act of
1996", which criminalizes non-escrowed encryption."
...
>It was quite clearly implied at the September meetings that the
>Government expected that vendors would do only one version, GAK'd.
>This would allow the LEAs to tromple all over US civil liberties
>at will.
This was my point about having a domestic and an export version. (You
mentioned that Netscape already does this, and in fact probably has 10 or
more versions, for various platforms. Fine. Many of us want to keep it that
way, especially with regard to GAK. Saying that Netscape wants "a single
version with crypto suitable for all" is not OK if that version includes
GAK. This is what I am urging Netscape to take a stance on, now, soon,
quickly.)
>Tim's suggestion of a formal statement that separates domestic product
>from export, and clearly leaves GAK out of US products, is a very good one.
>It is close to what Netscape is doing now, it is completely consistant
>with current and publically announced policies, and it would
>let this list return to discussions that are relevant to
^^^^^^^^^^^
>cryptography.
^^^^^^^^^^^^
Pat, if the policies and technologies surrounding key escrow are not
relevant to the themes of the Cypherpunks list, I surely don't know what
is!
That so many people are commenting on this topic, and not, say, on a more
"relevant" topic such as "Fermat factorization and the rho method in
elliptic curve cryptosystems" tells us what the apparent focus of the list
is. (Fact is, there are only a handful of folks on the list--and perhaps in
the world only a few hundred--who have strong competency in these
areas....asking that the list confine itself itself to discussions
"relevant to cryptography" is pointless. Technical cryptography is probably
better handled in sci.crypt or sci.crypt.research, or at conferences. And
"How to Use PGP" questions are better handled in many other places. Just my
opinion. Others are of course welcome to discuss how to use PGP or the
intricacies of quadratic reciprocity, just as I will feel welcome to
discuss key escrow in its various forms and implications.
People talk about what matters to them, for the most part, and attempts to
"steer" the list to other topics are best done by example. That is, write
up a really interesting article on some "relevant" topic and perhaps people
will discuss it. That seems better than saying a discussion of GAK is not
relevant.
And the NIST/NSA meeting is coming up in a few days...what better time to
discuss some issues, and thus possibly trigger some ideas or arguments for
attendees to make, than now? What's the point of waiting until it's over,
when all we can do then is complain?
I think key escrow, whether of the Clipper variety of the SKE variety, is
central to the themes of the group.
--Tim May
Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money,
tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA | knowledge, reputations, information markets,
Higher Power: 2^756839 | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."
Return to December 1995
Return to “tcmay@got.net (Timothy C. May)”