1998-05-09 - Re: DoD orders vendors to use Key “Recovery”

Header Data

From: Alan Olsen <alan@clueserver.org>
To: “Trei, Peter” <ptrei@securitydynamics.com>
Message Hash: da8860323c2f7c5efc7f6cb1c2ea83aca54b8591be81ea4a48ff5ad507b2be61
Message ID: <3.0.5.32.19980508204952.040f2d70@clueserver.org>
Reply To: <6B5344C210C7D011835C0000F8012766017A75E6@exna01.securitydynamics.com>
UTC Datetime: 1998-05-09 03:55:42 UTC
Raw Date: Fri, 8 May 1998 20:55:42 -0700 (PDT)

Raw message

From: Alan Olsen <alan@clueserver.org>
Date: Fri, 8 May 1998 20:55:42 -0700 (PDT)
To: "Trei, Peter" <ptrei@securitydynamics.com>
Subject: Re: DoD orders vendors to use Key "Recovery"
In-Reply-To: <6B5344C210C7D011835C0000F8012766017A75E6@exna01.securitydynamics.com>
Message-ID: <3.0.5.32.19980508204952.040f2d70@clueserver.org>
MIME-Version: 1.0
Content-Type: text/plain


At 03:05 PM 5/8/98 -0400, Trei, Peter wrote:
>
>
>I hope someone sends them the NSA report on the security hazards of
>KR. 

I think that people should sell the Government crypto software with key
recovery.  We need to have a backdoor into the government's communications.

Any key recovery system sold to the governemtn should have a real obvious
and visible key recovery system so they know that it is there.


>
>Peter Trei
>ptrei@securitydynamics.com
>
>---------------
>http://www.gcn.com/gcn/1998/May4/cov1.htm
>
>GCN May 4, 1998 
>
>Defense wants PKI now 
>Department intends to make vendors use strong encryption 
>By Christopher J. Dorobek 
>
>To jump-start development of a public-key recovery system, the Defense
>Department plans to require its vendors to use strong encryption,
>deputy Defense secretary John Hamre said recently.
>
>Because it wields significant buying clout, Defense's more stringent
>requirements should boost government and industry efforts to build
>systems for managing encryption keys, Hamre said last month at an
>Armed Forces Communications and Electronics Association event in
>Washington.
>
>Agencies cannot wait for the government and industry to settle on a
>national encryption policy, Hamre said.
>
>Through successive administrations, the government has tried to
>develop a singular policy on encryption. But so far, the efforts have
>failed.  Generally, industry has criticized the government's policy
>proposals as too restrictive.
>
>"We have an important national imperative to protect ourselves in this
>world," Hamre said. "We can't wait to have this issue resolved ...
>therefore we're going to buy encryption with key recovery."
>
>Vendors will have to use encrypted data and be able to recover it when
>doing business with DOD, he said.
>
>Defense will work out a final policy in the coming weeks, Hamre said.
>
>[...]
>
---
|              "That'll make it hot for them!" - Guy Grand               |
|"The moral PGP Diffie taught Zimmermann unites all| Disclaimer:         |
| mankind free in one-key-steganography-privacy!"  | Ignore the man      |
|`finger -l alano@teleport.com` for PGP 2.6.2 key  | behind the keyboard.|
|         http://www.ctrl-alt-del.com/~alan/       |alan@ctrl-alt-del.com|





Thread