[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: key escrow procedures



C. Ellison:
> Meanwhile, where is the proof that the key being requested corresponds to
> a person on whom a wiretap has been ordered?

M. Godwin:
>The authorized key request will normally occur after law-enforcement
>officials have snagged the chip serial number from the LEAF
>(law-enforcement field) of the signal they captured with an authorized
>wiretap.

This begs the question. 

Does anybody pay any attention to what I write? I addressed this in my
posting -- if the police send the device ID of the LEAF field via *fax*
what is to prevent different officers from trading IDs? the fundamental
point is that the key escrow agency *only* gets a request for a key
based on an ID -- how do they know the `warrant' given them actually
applies to *that* key ID? answer: they don't. and as I wrote: is there
*any* circumstance under which a key escrow agency rejects a key
request? if not, WHAT'S THE POINT? ah yes, what we need is a PHONE
REGISTRATION DATABASE (BWAHAHAHA <- insane depraved mad laugh).

T.C. May wrote a long time ago about the possibility of a `black
market' in key ID exchange among the police. What's to prevent it? the
point is that the NSA in its wretchedly naive way is treating the
police as a SECURE COMPONENT.

there might be ways of alleviating this, such as ensuring that the link
from the `black box' to the key escrow agency is secure, as I wrote. We
have to wait for this idea to penetrate the brain of Mr. GraveDigger of
the NSA who's in charge of the design.

again, though, this all only shows the sheer intellectual bankruptcy of
the key escrow aspect of the Key Escrow Proposal. if I heard that NSA
was improving their thought control techniques based on anything I
write I would burn all my email...

NSA Clipper Slogan:
KEY ESCROW: LEAVE THE DETAILS TO US.