[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Why is cryptoanarchy irreversible?
>At 12:58 AM 11/8/1996, [email protected] wrote:
>> Strong vs. weak crypto isn't the real issue - for most business use,
>> weak crypto is obviously unacceptable, but strong crypto with GAK
>> is ok as long as it doesn't interfere with use (and as long as the
>> government bureaucrats don't sell too many keys.)
To which, at 09:02 AM 11/8/96 -0800, Peter Hendrickson wrote:
>We often say that the government is a security weak point and that
>this makes GAK impractical. However, this is not true. If the
>holders of the government keys were individually responsible for
>their release, they would not be released very often. That is,
>in order to use cryptography you must purchase an expensive
>encryption license. That pays the salary of a certified "key
>escrow agent" who is the only person who can decrypt your messages.
>What stops him from revealing your keys to unauthorized parties?
>It's his business. If that's not enough, you back it up with
>criminal penalties for disclosure. And, hiring this person is
>no different from hiring an employee for your company.
>
>There are already similar activities. Lawyers are nominally employees
>of the state. Employees of Swiss banks can go to jail for violating
>their secrecy laws.
Then there is the meat-packing inspectors, I don't know if this should give
piece of mind or instill new fear. The inspectors were put in there because
the meat was rancid, the thing is, some of it still is if you listen to the
critics.
A partial fix at least.
>At 12:58 AM 11/8/1996, [email protected] wrote:
>> The government might be able to stop new Netscape versions from
>> using strong crypto - threatening to confiscate the company's
>> ill-gotten gains from aiding and abetting money launderers might help,
>> and threatening to confiscate PCs that use unapproved crypto.
>> But it's tough to use a widespread threat like that on popular
>> software once it's out there.
To which, at 09:02 AM 11/8/96 -0800, Peter Hendrickson wrote:
>I agree, if the software is popular. But, if the fears of the GAKers
>and the dreams of certain cypherpunks are real, such software will
>not be popular.
Another point is, if the government attacks Netscape for their strong
crypto(which is pretty hard to get, I'm in Oklahoma and I couldn't get it
because some server didn't know for sure that my server was in the United
States or Canada), someone will probabally make an in-line plug-in for
encrypted data, and this plug-in may affect more of the browser than the
existing system, making it more dangerous to the governments schemes.
Anyone know where the data is stored on how to write for Netscape?