[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

GAK & RSA



-----BEGIN PGP SIGNED MESSAGE-----

RSADSI has been adamantly opposed to Clipper. You'd expect them to be
opposed on business grounds; after all, Clipper wouldn't bring them
any revenue and could quite possibly put them out of business if other
forms of encryption were outlawed. I don't remember seeing many
specific comments indicating that RSA was opposed to GAK on
philosophical grounds (well, OK; some quotes on their "Sink Clipper"
poster, if those count).

Other groups were opposed to Clipper because Skipjack is of unknown
strength.

Putting the cypherpunkesque arguments about how GAK is a big step down
the path towards a surveillance state, is it possible that the
software GAK (SGAK) scheme could easily incorporate RSA's technology?

Imagine: Schlafly et al win their court case, and RSADSI's patents on
RSA and other public-key technology are declared invalid. SGAK can
thus use RSA without any problem. The "Skipjack, DSS, and SHA may be
weak" crowd can't object to RSA's strength, and of course RSADSI will be
in no position to object.

Another scenario: RSADSI wins and their patent remains valid. They
can't refuse licensing to any entity which meets their terms, so SGAK
can still be deployed, but RSADSI then gets a royalty.

_This_ is what's scaring me. If Microsoft, Apple, et al offer weak
encryption as part of SGAK, objections can be made to the weakness. If
they use RSA, that avenue is gone.

- -Paul


- -- 
Paul Robichaux, KD4JZG      | "Information is the currency of democracy."
[email protected]           |     - some old guy named Thomas Jefferson
	       Of course I don't speak for Intergraph.
	       

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAgUBLkemSKfb4pLe9tolAQGYiAP9EEwh/ImtxO6VoeGW6Ur15lwM+eJy9MRR
liYk+LMisjfJUwdO7Ngz2EDg/gKWky3u/t2LOm5347tekShXJXEqFqmRlGIt2xu7
8eSMRxRpewYTtYstPWPBaxBe6nzBSfD7BciQseqEU1b6ug21pB53hzHgYP7OwtrY
NEZSuas7C9g=
=+J/I
-----END PGP SIGNATURE-----