[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Netscape gives in to key escrow



sameer wrote:
> 
> http://www.cnet.com/Central/News/govt.html
> 
>         Bad. Very Bad. And I was almost starting to like Netscape.

  Please don't give up on us yet.  All press accounts I've read so far
have lots of stuff attributed to Jim, but very little of it is actual
quotes.  There appears to be lots of paraphrasing and interpretation
being done on the part of the reporters.  The impression that I'm
getting is that the press has blown a couple of small sound bites
way out of proportion.  The infoworld article that covers the same
speech only devotes about 20% of the article to the key escrow topic,
and is similarly devoid of actual quotes.

  I have not spoken to Jim about this, and I did not hear the talk
myself, so I'm mostly reading between the lines here.  After I saw the
story earlier today I started asking around to see if the company
had made any major policy shift in the direction of GAK, and wasn't
able to turn up anything.  If anything its the opposite.

  My feelings about key escrow, which were echo'd by several folks
in management when I spoke to them today are:

	o Government mandated escrow would be a bad thing
	o There are some settings where escrow is good, in the corporate
		setting, or as a matter of person choice(to protect against
		loss of password)
	o The whole issue of escrow should be de-coupled from the
		export issue

  I don't want to go down in history as a facilitator of the totalitarian
state, and I don't think anyone else here does either.  I hope folks
wait for press releases, product announcements, etc. before condemning us
too much.  Jim has made comments in the past that were quoted out of
context, and blown way out of proportion to the point that some people
believed that we were monitoring our user's every keystroke and sending
it all back to the home office to generate huge demographic databases.
I suspect that this is the same sort of thing, and I hope everyone will
judge us by what we do.

	--Jeff

PS - you won't find a LEF in the soon to be released SSL Version 3 spec...

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
[email protected] - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.