1997-10-29 - EU E-Commerce Report

Header Data

From: John Young <jya@pipeline.com>
To: cypherpunks@toad.com
Message Hash: 951af87ada9e27e716e31319e97844731cffb82c6277eb368bb653ac5accf3fe
Message ID: <>
Reply To: N/A
UTC Datetime: 1997-10-29 11:29:42 UTC
Raw Date: Wed, 29 Oct 1997 19:29:42 +0800

Raw message

From: John Young <jya@pipeline.com>
Date: Wed, 29 Oct 1997 19:29:42 +0800
To: cypherpunks@toad.com
Subject: EU E-Commerce Report
Message-ID: <>
MIME-Version: 1.0
Content-Type: text/plain

The EU-based Global Internet Project has published a new 
report on electronic commerce:

   http://jya.com/gip-ecomm.htm  (29K)

An excerpt on crypto policy:

1.No nation's cryptography policy can stand alone.

2. Immediate steps should be taken to solve pressing 
cryptographic needs that directly affect the global Internet.

3. Reliable and international systems for authentication 
and integrity should be established.

4. Governments and industry must respond to legitimate user 

5. Users should be permitted to decide whether and the degree 
to which key escrow, trusted third party, or key recovery 
technologies will be desirable in their environments or not.

6. Trade barriers should not be disguised as cryptographic 

7. Export controls on encryption should be made multilateral 
in practice and when used, focused narrowly and genuinely on 
national security threats. They should not be used as indirect 
domestic controls.

8. Governments should establish and publish the process by 
which keys will be obtained for government purposes. This 
process should include independent judicial review, time limits 
on access, reasonable notice to the key owner when this would 
not interfere with the purposes of the decryption, and 
opportunities for independent audit of compliance with legal 

9. Liability for misuse of escrowed keys should be the subject 
of international understanding.

10. When key recovery is voluntarily chosen by the user, 
self-retention of key recovery information should be encouraged.