[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Netscape, Corporations, and GAK Support



At 8:08 PM 11/30/95, [email protected] wrote:
>Folks, lay of Netscape on this one. _EVERYONE_ is doing Terissa for the feds to
>use themselves. There are reporting requirements (FOI) which most people
>on this
>list seem to enjoy which make the privacy issue moot. There are other
>people who do
>not want to have non escrowed data flowing over their internal nets, nuclear
>installations etc.

Ah, but Jim Clark's comments were as follows, and indicate that the issue
is the _government_ reading _private Net communications_:

---section of interview or speech with/by Jim Clark of Netscape, emphasis
added by me---


To secure Net communications, the government will need to have access to
private data exchanges
                                  ^^^^^^^^^^
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
using what is known as a key escrow security system, said Clark. He added
that an invincible security system for the Net is possible, but such
asystem won't be built unless the government

^^^^^^^^^^
has a stake in it. "That's where key escrow comes in," said Clark.

Key escrow is a controversial security system advocated by the Clinton
administration that gives the government access to private Net
communications. It uses public key cryptography, a system
    ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
in which messages are coded and decoded using a set of private and public
keys. In key escrow, the private key is held by both the individual or
group and the government. The government can
                                                        ^^^^^^^^^^^^^^^^^^
use the key ostensibly to read messages for intelligence and national
security reasons.

---end of section---

This is not then just an issue of supporting voluntary key escrow for
corporations, nuclear installations, germ warfare labs, and the Church of
Scientology, this is GAK, pure and simple.

Phill, very few of us are opposed to the voluntary use of escrow schemes.
I, myself, would be interested in a robust system wherein my lawyer, for
example, could have a "duplicate key" to some of my files. We have
discussed this issue many times. Truly voluntary key escrow means that the
criteria described above by Jim Clark, that government access to private
communications is "where key escrow comes in," would be impossible to
achieve. Clearly, the type of key escrow being supported by Jim Clark,
Dorothy Denning, David Sternlight, Stuart Baker, and others is hardly
voluntary.

>Key escrow is not bad in itself. It is the idea that individuals be forced to
>use it for private conversations that is the bad idea.

Carefully read Jim Clark's direct quotes and the views attributed to him in
the article.

>
>If people want to argue "make the technology avaliable and it will be
>abused" then
>let them. Just remember that we normally argue the other side of the case.

No, the issue is that the proposal is explicitly GAK, not a voluntary
system. Details of deployment are of course murky, and this firestorm may
help to kill it for now, but the issue is clearly that Jim Clark is saying
the government needs to be able to read private communications and that key
escrow is needed. Given that he is the Chairman of Netscape, this is
worrisome.

--Tim May

Views here are not the views of my Internet Service Provider or Government.
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
[email protected]  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."