From: Bill Frantz <frantz@netcom.com>
To: “Timothy C. May” <kent@songbird.com>
Message Hash: 0ea753014afbf5d48ab4458f50adcf07cd5968f8cfaec4bbde23cb45eb0523f4
Message ID: <v0300780daf68dfeaf12d@[207.94.249.214]>
Reply To: <19970402000825.61388@bywater.songbird.com>
UTC Datetime: 1997-04-03 04:43:31 UTC
Raw Date: Wed, 2 Apr 1997 20:43:31 -0800 (PST)
From: Bill Frantz <frantz@netcom.com>
Date: Wed, 2 Apr 1997 20:43:31 -0800 (PST)
To: "Timothy C. May" <kent@songbird.com>
Subject: Re: Analysis of proposed UK ban on use of non-escrowed crypto.
In-Reply-To: <19970402000825.61388@bywater.songbird.com>
Message-ID: <v0300780daf68dfeaf12d@[207.94.249.214]>
MIME-Version: 1.0
Content-Type: text/plain
At 5:43 PM -0800 4/2/97, Timothy C. May wrote:
>However, key recovery need have no "hooks" by government into it. The
>attempt by the government to ensure secret access, without even so much as
>a search warrant, is revealing.
This issue is to me key. If the government wants any creditability on the
GAK issue, it will include in any GAK system, a provision for independent
auditing, after the fact, of intercepts. (BTW - I will still oppose GAK,
but some of my best arguments will be taken away.)
It seems to me that once you swollen the idea that government has, under
any circumstances, a right to read your mail, there are two issues.
(1) Is the proscribed procedure fair?
(2) Did the government follow the procedure?
(My opposition to GAK is based on my belief that there are no star chamber
proceedings which are fair. The ability to confront the witnesses against
you and compel witnesses to testify for you are key here.)
However, auditing only addresses the second issue. There are many problems
with auditing the government's use of its access. One key one is, who is
the auditor? At CFP97, I suggested that the press would make a good
auditor.
If the KRAP agency is truly at arms length from the government*, then a
report of the keys released compared with records that the procedures were
followed, would allow anyone, the press included, to check that the
government followed the procedures.
Now, I frequently think that the press is in bed with the government, so I
am looking for a better auditor. Some institution which values its
reputation more than it values its relationship with the government would
do. Anyone have any good candidates?
* Assuring this arms length relationship is an exercise for the student.
(I give it a Knuth grade of 50.)
-------------------------------------------------------------------------
Bill Frantz | I have taken a real job at | Periwinkle -- Consulting
(408)356-8506 | Electric Communities as a | 16345 Englewood Ave.
frantz@netcom.com | capability security guru. | Los Gatos, CA 95032, USA
Return to April 1997
Return to ““Timothy C. May” <tcmay@got.net>”