[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: AW: binding cryptography
-----BEGIN PGP SIGNED MESSAGE-----
In your mail, you write:
> That is correct. Sorry that the BTW-statement is so evident. Some people
> did not understand that if you *do* agree, then you *can* be breaking any
> rules...
Which of course implies that to be effective, the system can't allow
anyone to opt out.
> >Which they will, and presumably already do. Therefore, your proposal
> >does not and cannot hamper criminals. Therefore, your proposal only
> >hampers law abiding citizen-units' access to uncompromised crypto.
>
> I do not agree. For instance, the encryption possibilities of wordperfect,
> and MS-word are weak; my mail-system (ms-exchange) does not have any
> encryption at all. The security of these important Custom of The Shelf
> products can and will be enhanced..
And as I pointed out above, the system only works when compromised-key
crypto is all that is available. Where there are more secure options
available, people will choose them. Your example is a good one:
WordPerfect, MS Word and MS Exchange may well choose key-compromised
crypto to gain the approval of the state. Thus, those products will
never have real security. I can't agree that key-compromised crypto is
secure at all, as it requires that some third party hold key (or the
means to recover keys). You may argue that the supposed TRP can
actually be trusted. I'm not willing to grant that trust without good
cause. In the case of governments, I'm simply not willing to grant that
trust at all. (to be fair, I acknowledge that the USA is not the
Netherlands, and you may not understand Americans' distrust of our
government)
> The point is that public available systems should *aid* not them in their
> criminal activities, let them search for alternatives. Compare it with the
> legislation we have here on the sell of guns. You sort of say: hey, that
> does not help cause criminals will get it somewhere. I say, that is true,
> but it will make their lifes more difficult, or maybe I should say less
> easy.
My point is that I, as a member of the public, should not be restricted
in *my* choices. Just as gun control laws make it harder for me to
lawfully purchase and own a gun, your proposal makes it harder for me to
lawfully obtain strong cryptography. The obvious difference is that
guns are capable of inflicting fatal damage to humans, where
cryptography is not.
> >Registration plates do not "stop criminals". Locks do not "stop
> >criminals" (although they might slow a criminal down). Neither will
> >compromised crypto "stop criminals". But all the above impinge on my
> >liberty. Am I to give up yet another freedom?
>
> Our system slows down criminals too, or maybe I'd better say does
> not speed them up.
And it also makes me more vulnerable. You are asking me to compromise
my own security because some other person might abuse his own
capability. Will you also ask that I allow my muscles to atrophy to the
point where I cannot inflict damage with a blow from my fist, because
others might decide to fight?
It is important to remember that cryptography is 100% defensive. It
_cannot_ be used in an offensive manner. Any plan to weaken or restrict
cryptography is a plan to disallow defenses. How can you ask me to
leave myself vulnerable to attackers?
> We believe our system gives a solution in which every democratic
> country on his own implement to their middle, without losing
> connectivity with countries that think otherwise.
Repressive states will endeavor not to allow connectivity with
non-repressive states. Your plan only facilitates the repressors.
Thus, you offer weapons of repression to governments.
Still think it's such a good idea?
- --
Roy M. Silvernail [ ] [email protected]
DNRC Minister Plenipotentiary of All Things Confusing, Software Division
PGP Public Key fingerprint = 31 86 EC B9 DB 76 A7 54 13 0B 6A 6B CC 09 18 B6
Key available from [email protected]
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBMmRoQxvikii9febJAQHOvAQAhzUvsJapB+lBWM0MNjkOPFg0PtIFIKID
7uhWjzQ7Lwp7WlCeiqcB9+AdZuQMxAC/cq4uJai98jv8/5ba3t1uPiLMIx+ytSAN
q8UURDF3CWaX5TAzrC0OvdPUc+LONXVBebX0PMtwHaGZfsJWnebschJA36zRIY8Z
in8xv1t78Z8=
=GITW
-----END PGP SIGNATURE-----