[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: why is no one (apparently) worried about escrowed key length limits?
Ernest Hua and several others have asked things like:
>It appears that (from the responses I have gotten on why there are key
>length limits at all on escrowed encryption) I am not forgetting
>anything obvious.
>So why is no one seriously questioning why this limit has to be there
>for key escrow?
>One suggestion was: the NSA does not completely trust key escrow. But
>if the NSA (who should know all the inner secrets of it) cannot
>completely trust key escrow, then why should WE trust key escrow?
What the NSA can't trust isn't the key escrow itself - it's the ability
of applications to work around the key escrow, so they get decent
encryption without escrow. They also can't 100% trust escrow agents;
maybe Cosa Nostra Key Escrow has an "accidental" disk crash that
wipes out 5% of their clients' keys one week, and discovers that
the backup tapes can't be read. Or terrorists who've been using
Uncle Sam's Nephew Fred Key Escrow make him an offer he can't refuse,
just as the FBI is closing in on the terrorist ring. It's for your
own protection, after all! So they need to be able to crack it,
just in case.
Alternatively, they really Just Don't Get It. Or they hope that industry
will get tired of arguing, and take the deal in return for export permission,
figuring that they've got the upper hand so they don't need to fold early,
while more and more vendors succumb to FUD and make deals like Lotus.
<cynicism-mode +3> Or they _know_ that nobody likes it, and industry
will refuse to cooperate yet again, so they'll go to Congress saying
"OK, we've given the industry three _perfectly reasonable_ choices,
and they're too stubborn and hostile to cooperate, so it's time to
stop playing around and just make a new law whether they like it or not."
# Thanks; Bill
# Bill Stewart, [email protected], +1-415-442-2215
# goodtimes signature virus innoculation