From: David Sternlight <david@sternlight.com>
To: cypherpunks@toad.com
Message Hash: 268de254961ceb9151cecc2f1c115b00fd3989c64e1f965f75933a4f4f67581b
Message ID: <v03007601ae0f4a7ce492@[192.187.162.15]>
Reply To: <ae0e969b01021004a5a1@[205.199.118.202]>
UTC Datetime: 1996-07-15 08:26:56 UTC
Raw Date: Mon, 15 Jul 1996 16:26:56 +0800
From: David Sternlight <david@sternlight.com>
Date: Mon, 15 Jul 1996 16:26:56 +0800
To: cypherpunks@toad.com
Subject: Re: Dep. AG Gorelick on CSPAN2 advocating escrow
In-Reply-To: <ae0e969b01021004a5a1@[205.199.118.202]>
Message-ID: <v03007601ae0f4a7ce492@[192.187.162.15]>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="Boundary..3943.1071713593.multipart/signed"
--Boundary..3943.1071713593.multipart/signed
Content-Type: text/plain
Content-Transfer-Encoding: 7bit
At 12:20 PM -0700 7/14/96, Timothy C. May wrote:
>At 1:34 PM 7/13/96, Deranged Mutant wrote:
>>Saw Jamie(?) Gorelick, Dep. Attny Gen. on CSPAN2 talking about needs
>>for key escrow. Emphasized the what if people lose their keys, or
>>someone dies, or if an employee steals company secrets & encrypts
>>them... rather than the usual what if terrorists use crypto line
>>(though she did mention that too).
>>
>>Guess they're taking a new tack to sell it to the public. A lot of
>>bunkum... (project left to the reader how these can be handled in a
>>non-GAK manner).
>
>And as we all know, having discussed this many times, even if one buys
>these arguments for the advantages of key escrow, THEY DO NOT APPLY TO
>COMMUNICATIONS!
>
>That is, imagine Alice and Bob communicating over some channel. Alice has
>files on her computer. Putatively, if she dies, leave her company,
>whatever, it is desired to reconstruct these files. Fine. A potential use
>for key escrow. (If voluntary, of course.)
>
>But what does this have to do with a channel between Alice and Bob? Why
>should the keys for this channel ever need to be escrowed for the reasons
>Gorelick cites? After all, Alice has the files she sent stored locally, and
>Bob presumably has the same files he received.
>
>There is essentially no rationale for escrowing the keys of a transient
>communication.
>
>The Administration and even cryptologists apologizing for GAK (who ought to
>know better) are curiously silent on this rebuttal to their claims.
It's not that powerful a rebuttal, since it would require files of e-mail
(or their session keys) to be encrypted twice--once with the escrowed
storage key and again with the transmission (recipient's) key. And if the
message were public key, it would require a re-encryption at the receiving
end with the recipient's escrowed storage key to make the recipient's files
available to HIS management. Further, it would require everyone to keep two
keys since I infer from your position you wouldn't want your public key to
be the escrowed one (for transmission security).
As you know I do not support mandatory key escrow in the US, but arguments
against it need to be robust. Your argument, while not without merit, is
weaker than one would like (in that it is susceptible to the mental
rebuttal by policymakers that I've outlined above). In my view it isn't the
kind of decisive argument that would justify your use of "curiously" silent.
David
--Boundary..3943.1071713593.multipart/signed
Content-Type: application/octet-stream; name="pgp00006.pgp"
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="pgp00006.pgp"
Content-Description: "PGP signature"
LS0tLS1CRUdJTiBQR1AgU0lHTkFUVVJFLS0tLS0KVmVyc2lvbjogMi42LjMK
CmlRQ1ZBd1VBTWVtY0hVd2dIK05ZclE4MUFRRXNrUVA4REJiM3Vwd1VPT0d4
bVVib2QvUTgyNS9yUWw0WVY0TlIKRDJ0bG1PN3N2eTJlZU1zb1o4RTBDdU1S
VE5NN2p1ajd1YldOS3hHL3JVcXdMU3IrMWxGTzMxK2s4ZlVBZDgwbApiTnB3
cTBDb0lQTGNobkZrYmpmaGZYUmdtdjVnbVUxTnFNSHNZY0k3Zm9pK1hocUpY
OXduekI2eHhrWW44WHpUCm9GN0lyTTdYY1hNPQo9Um1xVwotLS0tLUVORCBQ
R1AgU0lHTkFUVVJFLS0tLS0K
--Boundary..3943.1071713593.multipart/signed--
Return to July 1996
Return to “tcmay@got.net (Timothy C. May)”