[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

EE Times Nov 22, p1: "US weighs Clipper chip alternatives"



The story, by George Leopold, has some obvious errors [like the "fait
accompli"], but may have nuggets of new info.  I expecially like the
paragraph about the purpose of the encryption review.  It's half right:
the half about its purpose being to shove Clipper down our throats.  But
if they wanted to bring Congress and industry into the review process,
they should've run it declassified and in open meetings.

	US weighs Clipper chip alternatives
	by George Leopold

"The Clinton administration is readying a new encryption policy that
could help defuse industry opposition to introduction of the
government developed Clipper chip by embracing commercial technologies
as alternatives for network security, according to government and
industry sources.

"A National Security Council panel led by George Tenet [sic], special
presidential assistant for intelligence programs, is completing a
broad review of government encryption policy with an eye toward
employing the Clipper chip, as well as commercial alternatives, to
ensure privacy and security on public networks.  Those would include
the proposed electronic superhighway, or National Information
Infrastructure.

"Tenet could not be reached for comment on the review's status, but a
U.S. official said last week the results of the seven-month National
Security Council policy review will be announced soon.

"The Clipper chip, backed by the National Security Agency and proposed
by the Clinton administration in April as a new data-encryption
standard, is widely viewed by industry critics as a fait accompli,
since the spy agency wants to use it to protect intelligence data.

"Asked in an interview last Monday whether the policy review would
result in modification of the Clipper chip proposal, Michael Nelson,
special assistant for information technology in the White House Office
of Science and Technology Policy, acknowledged the need to consider
other encryption technologies for network security, including software
solutions.  He also said the government should have sought greater
industry participation before proposing the Clipper chip.

"Industry opposition to the Clipper resurfaced at a recent
government-industry technology summit in San Francisco (see Nov 8,
page 1).  During a panel on the NII, Nelson told angry company
executives that the Clinton administration would not impose Clipper on
industry or rule out alternative encryption technologies.

"``Clipper is not a silver bullet, it's not even a brass bullet,''
Nelson said.  ``It's only one approach.''

"He added, ``If we don't address these [network security] issues,
people won't use the NII.''

"Nelson said last week the National Security Council review was
designed to bring industry and Congress into the process of looking
for commercial solutions, besides Clipper, to the network-security
issue.  Industry groups said last week they have contributed to the
review, which began shortly after Clipper was proposed.  The review is
expected to result in a decision on how to implement Clipper.

"A decision on how to proceed with the Clipper proposal was scheduled
for Sept 1 but was delayed in response to a recommendation from a
private-sector advisory group to the Commerce Dpeartment."

...

"Acknowledging industry's concerns, the initiative also includes
creation of a key-escrow system to ensure the Clipper chip would be
used to protect privacy." ...

...  "Two key-escrow data banks would be overseen by a pair of
independent agencies designated by the Justice Department and the
White House.  A decision on which agencies will oversee the databases
has not been made, Commerce spokeswoman Anne Enright Shepherd said
last Wednesday."

...

"Clipper ``was forced upon [the Clinton administration] before they
had a chance to evaluate its impact,'' Bruce Heiman, a Washington
attorney representing the Business Software Alliance, said last
Tuesday.  ``NSA sold them a bill of goods.''

"The policy review means ``they realize that Clipper has problems...
but they don't want to rule it out entirely,'' Heiman said, adding
that industry would accept Clipper as one alternative to network
security only if it is part of a truly voluntary program that includes
public-key encryption."
--
John Gilmore                [email protected]  --  [email protected]  --  [email protected]
  ``This committee has not tried to determine whether the National Security
  Agency tendency to advance exaggerated claims of authority ... stems from
  conscious policy or the actions of individual NSA employees.''
The Government's Classification of Private Ideas, House Report 96-1540, p. 67