From: Adam Back <aba@dcs.ex.ac.uk>
To: jon@pgp.com
Message Hash: 5864cc08210a7364edea4858fe15a7760e43ac30fea216628cb72cc8c65e1de3
Message ID: <199710110252.DAA07516@server.test.net>
Reply To: <3.0.3.32.19971010180024.00ad8ce0@mail.pgp.com>
UTC Datetime: 1997-10-11 02:56:57 UTC
Raw Date: Sat, 11 Oct 1997 10:56:57 +0800
Subject: Re: Attitude and Assumptions

Jon Callas <jon@pgp.com> writes:
> In the course of all the discussion here, I have seen a number of
> implicit attitudes and assumptions that irritate me. This is a short
> rant to air my irritation.

[bucko big snip]

Well, it was a nice rant, Jon. Most of it was even crypto-correct :-)
But the problem is you didn't address the point causing your perceived
hostilities. Not once.

The point is, Jon "GAK compliance meister" Callas, you're building in
GAK compliance.

Now we know that it is possible for you to have GAK compliance without
using it for that purpose, or at least to promise that at this stage,
promise sincerely even; it doesn't make any difference. When
mandatory GAK is law, all you'll have done is to smooth the way for
it. Your promises, and crypto-anarchic 'tudes won't amount to a stack
of cards.

Your wimpy sounding safeguards and reasons why PGP Inc would have to
be bought out, all staff sacked etc. don't sound very reassuring.
Saying "over my dead body", doesn't really help us if we are realistic
enough to figure that you'll be dead, and we'll have GAK. Personally
I'd sooner we didn't have GAK (and that y'all lived too).

Oh yeah, and the reason we're all "picking on you" is nothing,
absolutely nothing whatsoever, to do with the fact that PGP is an
"Inc" now.

The reason that it appears to you that we're picking on you is that
we're trying to ram a few simple points through your skulls which we
consider may be significant points in the political wars potentially
leading up to mandatory GAK.

For example, major point #1: that by attempting to enforce GAK
compliance on the IETF OpenPGP standard you will make it easier, much
easier, major point this, listening?, much easier to introduce GAK,
because they can then do so interoperably with the OpenPGP standard,
which you're hoping will be #1 internet email application used by
Netscape-like 80% market dominance figures.

PGP Inc has easily within its powers the ability to remove this easy
migration path for mandatory GAK.

Point #2, is more of a technical point really: you seem to be mixing
key functionality to the detriment of security to provide a fully
functional corporate email snooping service. Here's a meme to pass
around the office:

    separate storage and encryption keys are just as important as
    separate encryption keys and signature keys.

This is also fairly important, as keys have different recovery
requirements, and different lifetime requirements. Re-using
communication encryption keys for storage keys causes all sorts of
problems. One of which is getting shouted at for being GAK compliant.

Oh yes, and email in your received folder is NOT a communication
anymore, it is now _stored_, and should therefore, if it is encrypted,
be encrypted with said storage key.

Now, if y'all over there are such "live free or die" crypto-anarchist
martyrs that you've given up your Cisco options, and taken a pay cut,
and resisted temptation for a 20% pay rise (and you very well may be
die-hard crypto-anarchists for all I know, I've only met a few of
you), surely argument #1 means something to you:

    "attempting to enforce GAK compliance on the IETF OpenPGP
    standard you will make it MUCH easier for USG to introduce GAK"

So what's your problem, if skipping on a 20% pay rise isn't a problem,
why do you have to implement GAK compliance to provide small amounts
of additional functionality for corporate snooping, which isn't even
on your stated user requirement list? As I demonstrated, you could, if
you figure this is necessary to the future of free crypto (though I
can't see that it is), implement most of the snooping functionality
without GAK compliance. It's not as if people can't hack around the
whole damn caboodle anyway, as was stated as a plus point in an earlier
PGP person post. So why GAK compliance for that last couple of % of
enforceability on snooping? Think of the lower enforceability as a
boon, you've got a technical reason to use to explain to little
brother why 100% snooping doesn't work that well without 24 hr video
cams surveillance and NSA style body cavity searches at the door.

I'd suggest you print the above document out and have a discussion of
it. Get PRZ there too. Let us all know the decision so we know
whether to start investing in stego applications in preparation for
fast-track inadvertently (being generous here, since your whinge) PGP
Inc assisted GAK.

Cheers,

And hang-loose, don't get up-tight, just say no to GAK compliance.

Adam
--
Now officially an EAR violation...
Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`