1997-05-27 - Re: The lights went out in Georgia

Header Data

From: “Robert A. Costner” <pooh@efga.org>
To: Tim May <tcmay@got.net>
Message Hash: b32dc24446518d01932cfa7a7321a836960373df32a3129f1b7a0f51a7f9b023
Message ID: <3.0.2.32.19970527171526.0074890c@keystone.intergate.net>
Reply To: <3.0.2.32.19970527154305.007098e4@keystone.intergate.net>
UTC Datetime: 1997-05-27 21:36:28 UTC
Raw Date: Wed, 28 May 1997 05:36:28 +0800

Raw message

From: "Robert A. Costner" <pooh@efga.org>
Date: Wed, 28 May 1997 05:36:28 +0800
To: Tim May <tcmay@got.net>
Subject: Re: The lights went out in Georgia
In-Reply-To: <3.0.2.32.19970527154305.007098e4@keystone.intergate.net>
Message-ID: <3.0.2.32.19970527171526.0074890c@keystone.intergate.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

At 01:36 PM 5/27/97 -0700, Tim May wrote:
>But as Robert knows more directly than I, Georgia also has the "anonymity
>is a crime" laws on the books 
...
>So, what will happen if people, entities, remailers, pseudonyms, etc..
>submit keys to this EFF-Georgia repository without providing SS number,
>passport, mother's maiden name, etc.?

If Tim read the article he quoted from, he will notice that EFGA has sued the 
state of Georgia over the on-line anonymity law.  We were in court on Feb 12, 
and while we have been waiting longer than expected, we anticipate the federal 
judge to rule in our favor, and against the state.

The original Digital Signature law proposed in Georgia was an invasive 
bureaucratic law very similar the laws passed in Utah and Washington State, 
and similar to the model proposed by the American bar Association.  This law 
attempted to have a state controlled Ministry of Signatures that would have 
databases linking email addresses to credit bureau files.  I led EFGA in 
opposing the state on this issue.  We went to Digital Signature Task Force 
Meetings, testified at Senate hearings, gathered research from other places, 
and did a lot to help educate the local lawmakers and corporate people.

The result of this education process was that the original bill was thrown out 
and replaced with a much better Electronic Records and Digital Signature Act 
to be passed here in Georgia.

The X.509 type provisions are not implemented in the EFGA key repository.  No 
proof of identity is required - the certification is based on the web of trust 
principle.  To further enhance privacy, we have turned off replication of keys 
to other servers and will not be allowing searches on the database, only exact 
user matches.  EFGA has identified privacy problems with the existing MIT 
(Horowitz) PGP key server and we are attempting to help plug the holes.

I think you will find that what happens when people use key repositories and 
crypto in Georgia without disclosing private personal information is that the 
State of Georgia will be endorsing strong crypto.  The Georgia Information 
Technology Policy Council will report on it, and the Electronic Commerce Study 
Committee will report on it.  And the state government will endorse the use of 
512 to 2048 bit encryption without escrrow.

PS.  You are still invited to use PGP5.0 to send your keys to keys.efga.org


-----BEGIN PGP SIGNATURE-----
Version: 5.0 beta
Charset: noconv

iQBVAwUBM4tO6UGpGhRXg5NZAQFujQH/bbL+OPSeeXA3xwK1ju+pMOLs7+3vEZjC
U1ysIir7TUiJJvz7nYNPrJA2CbXKk4/QSN9hoz0B1DN8E5Q/OuLfNA==
=KEZf
-----END PGP SIGNATURE-----

  -- Robert Costner                  Phone: (770) 512-8746
     Electronic Frontiers Georgia    mailto:pooh@efga.org  
     http://www.efga.org/            run PGP 5.0 for my public key






Thread