Government-Controlled Trust Hierarchies

[tcmay@netcom.com (Timothy C. May)]

Two recent threads have been:

* Government-controlled ID systems (National ID Card, is-a-person
credentials, etc.)

* Software Key Escrow (SKE)

These two threads are intimately connected, I claim. We would do well
to consider how they relate, given the recent revelations about plans
for SKE by Microsoft, the already-existing (but mostly unused?)
features in Apple's AOCE/System 7 Pro/etc. system, the proposal by
Stephen Walker at TIS of an SKE system, and the press for a National
ID card.

The "anarchic" model of the "web of trust" found in PGP is anathema to
control freaks...sorry if this sounds like I'm grinding an ideological
axe, but I don't feel I have to make posts to _this_ group sound like
impartial, academic papers.

Someone discussing key escrow here recently said that one thing he's
want to see in any "voluntary" system is "proof of identity." Though
many of us here dismissed his arguments as Detweileresque, in that
Detweiler was always trashing pseudonymity (while being by far the
most obvious user of it, ironically). But I think these arguments are
common in some circles.

For example, to use the Apple Open Collaboration Environment (AOCE)
stuff, one gets one's key by submitting to RSA a notarized statement
of one's identity. I haven't done this, and have no intentions to ever
do so, but I gather than one take's one's passport, birth certificate,
etc., down to a Notary Public, she confirms that the person is indeed
"Sue D. Nym," signs and stamps the AOCE or RSADSI form, and this is
snail-mailed to RSADSI in Redwood Shores. Some days or weeks later,
one's key arrives.

Sort of kills the idea of multiple keys for multiple purposes, of
changing keys frequently, and of not going through such a process in
the first place. Oh, and of course it costs money (the Notary for
sure, and maybe RSADSI...though maybe Apple gives your a free coupon
"Good for One Key Generation").

The Microsoft thing may be going down a similar track. The Microsoft
paralegal who confirmed to me yesterday (via Blanc Weber, who can
attest to what I'm saying) that MS is indeed pursuing SKE claimed
that this is primarily to meet export laws and will not apply, he
claims, to U.S. users.

(I'm confused. If it's _export_ laws, and not _import_ laws into
Haiti, Iraq, France, or other police state who may insist on key
escrow, then won't all U.S.-sold packages of "Chicago" have to have
this SKE built in? Why should U.S. export laws care about what key
escrow laws other countries have? Since when do we enforce other
countries' laws at our borders?)

From everything I am seeing, SKE will be incorporated into some
widely-used operating systems, notably, Microsoft's upcoming release
of "Chicago," the successor to Windows 3.1. (Chicago is essentially
Windows 4.0)

Who will write this? The SKE proposal described at the Karlsruhe
workshop in international key escrow was authored by Stephen Walker
and David Balenson of Trusted Information Systems. Matt Blaze's post
yesterday discussed this in more detail. 

I suggest we look very closely for connections between TIS and
Microsoft, Apple, Novell, Sun, and any other major OS providers. I
believe TIS is preparing an SKE system that involves the "proof of
identity" notary system Apple and RSADSI are now using, that involves
mandatory selection of escrow agents (*), and that will be widely
deployed in upcoming future operating systems, probably in Chicago in
1995 and maybe in Apple's System 7.5 in '95 as well.

As Hal Finney notes, this will nuke the "web of trust" model, and will
also make all systems in which keys need to be generated on an ad hoc,
as needed basis very difficult or impossible to deploy--at least if
the built-in systems of Chicago or System 7.5 are to be used.

(* A note of confusion. I don't see how the schemes described by Matt
Blaze, Carl Ellison, and others here, in which groups of communicants
agree on a mutual escrow agent can work. For example, suppose a bunch
of say, "OK, we'll play your silly game. We'll use your software,
but our "escrow agents" will be "cypherpunks.nil" and
"bitbucket.void," both of which consign all incoming keys to oblivion.
Whutja gonna do now?" This makes the escrow agents a charade, unless
of course there are laws regulating escrow agents!)

In closing, it looks like the anarchic, distributed, web-of-trust
stuff has been recognized as something governments need to quash. The
first attack, Clipper, failed miserably, for various reasons.

The second attack is much more insidious. Use various pressures on
Microsoft (Gee, I wonder what _that_ could be?) to deploy a Beltway
Bandit-deveoloped (TIS, with inputs from Denning, NIST/NSA) system
that is, happily, "freely exportable." This satisfies Cantwell (so she
drops her bill), this allows Clipper to be quietly killed, this allows
Microsoft to free export Chicago, Daytona, and other such products,
and this presumably keeps the national security state people happy.

Well, this is my scenario. It could be wrong in some details, but
clearly something is brewing out there....too many pieces are matching
up.

Vigilance!

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."