From: “Paul M. Cardon” <pmarc@fnbc.com>
To: “Richard Martin” <rmartin@aw.sgi.com>
Message Hash: 4ecc3d80f7da9e2a900e84ef25f90ac6be0a6f2c852a43d4423b98d46035ba7c
Message ID: <199601212208.QAA00308@abernathy.fnbc.com>
Reply To: <9601181638.AA01736@zorch.w3.org>
UTC Datetime: 1996-01-22 01:10:06 UTC
Raw Date: Mon, 22 Jan 1996 09:10:06 +0800
Subject: Re: Espionage-enabled Lotus notes.
An individual almost but not quite entirely unlike Richard Martin wrote:
> They've forced a major company (they don't come much more major
> than IBM) to ship a product which actually helps them in both
> aspects of their mandate. Communications interception of foreign
> industries' groupware is now easier for the U.S. than for any other
> country, while (and this must be granted) the communications
> security of American industries will be somewhat improved by this
> move.
But how does this affect the use of Notes for US companies with
foreign offices? If foreign offices are required to use the "export
version" (which IS supposedly interoperable with the domestic
version), then Notes use between a foreign office and US office will
have a 40 bit key as far as the government is concerned. This
assumption may be incorrect, but until I know what the effective key
size is as seen by the government when the export and domestic
versions communicate, I have to assume that the export version will
have to dominate the effective key length. In other words, the
domestic version will be able to handle and generate keys with the
24 government accessible bits, but naturally, keys generated by the
domestic version will not be usable by the export version.
Are US businesses willing to swallow this when the use is purely
internal to the company? Does the national security argument hold
up in this situation?
This really does so little to improve the security situation that I
can see why Mr. Ozzie is not comfortable with this compromise as
anything but a short-term solution. I hope his statement is
sincere. I'm asking a lot of questions at this point because my own
opinions are not fully formed on all of the relevant issues.
---
Paul M. Cardon
System Officer - Capital Markets Systems
First Chicago NBD Corporation (for whom I do not opine)
MD5 (/dev/null) = d41d8cd98f00b204e9800998ecf8427e