From: Eli Brandt <eli@gs160.sp.cs.cmu.edu>
To: cypherpunks@toad.com
Message Hash: 42e618ebd801ec2b6d855a72fe87df7143738c395430c915369a0790e6b0e159
Message ID: <199710151811.LAA23906@toad.com>
Reply To: <199710141935.PAA13621@beast.brainlink.com>
UTC Datetime: 1997-10-15 18:24:31 UTC
Raw Date: Thu, 16 Oct 1997 02:24:31 +0800
From: Eli Brandt <eli@gs160.sp.cs.cmu.edu>
Date: Thu, 16 Oct 1997 02:24:31 +0800
To: cypherpunks@toad.com
Subject: Re: FCPUNX:PGP Key Escrow and Congress
In-Reply-To: <199710141935.PAA13621@beast.brainlink.com>
Message-ID: <199710151811.LAA23906@toad.com>
MIME-Version: 1.0
Content-Type: text/plain
Bruce Schneier wrote:
> From: "Barbara Simons" <simons@VNET.IBM.COM>
>
> Some of these are old arguments that we've been hearing for a while,
> but some are newer. In particular, points 4 and 6 are difficult to
> refute without getting into some technical details. Both points also
> undercut the argument that a key recovery infrastructure potentially
> weakens security. After all, the NSA thinks it's secure enough that it
> can be used by the government.
Non-technical point: the NSA (reportedly) has no intention of using
GAK for classified information. They know that it weakens security.
Do the privacy of the nation's data and the security of its
information infrastructure deserve the same consideration as the
Pentagon's "Confidential" memos? When you're planning to build in a
single point of failure, this is a question you have to ask.
--
Eli Brandt | eli+@cs.cmu.edu | http://www.cs.cmu.edu/~eli/
Return to October 1997
Return to ““William H. Geiger III” <whgiii@invweb.net>”