[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: TIS, SKE, & CyberCash Inc.

>Timothy C. May <[email protected]> wrote:
>> A "voluntary" software key escrow system is of course OK (useful for
>> people afraid of forgetting their keys, for companies that don't want
>> the death of employees to cut them off from corporate secrets, etc.).
>> But any system in which the escrow key holders are *not* freely
>> selectable from a list one generates one's self (where the agents may
>> be the company lawyer, one's mother, one's priest, the bit bucket, the
>> machine down the hall, or nothing at all, etc.) is *not voluntary*.
>	"To amend the National Institute of Standards and Technology 
>	 Act to provide for the establishment and management of 
>	 voluntary encryption standards to protect the privacy and 
>	 security of electronic information, and for other purposes."

Government-ese for "here, bend over this barrel".

>Then in the Findings and Purposes section it starts to get at the
>crux of the real agenda:
>	"(2) The proliferation of communications and information
>	 technology has made it increasingly difficult for the 
>	 government to obtain and interpret, in a timely manner,
>	 electronic information that is necessary to provide for
>	 public safety and national security."
Grab your vaseline,

>This primary agenda is restated in the Requirements subsection 
>under Federal Encryption Standards:
>	"(C) shall contribute to public safety and national security;

big dude named "Bubba" and his frinds are gonna pay you a conjugal visit;

>	 (E) shall preserve the functional ability of the government
>	 to interpret, in a timely manner, electronic information 
>	 that has been obtained pursuant to an electronic surveillance
>	 permitted by law;

no condom.

>	 (F) may be implemented in software, firmware, hardware, or
>	 any combination thereof; and

Assume the position,

>	 (G) shall include a validation program to determine the 
>	 extent to which such standards have been implemented in
>	 conformance with the requirements set forth in this paragraph."

and *smile*.

>Later on, in the Definitions section, the term "electronic
>information" for the purposes of the legislation is defined in what
>I find to be an ominously expansive way:
>	"(8) The term 'electronic information' means the content,
>     source, or destination of any information in any electronic
>     form and in any medium which has not been specifically 
>     authorized by a Federal statute or an Executive Order to be
>     kept secret in the interest of national defense or foreign
>     policy and which is stored, processed, transmitted or 
>     otherwise communicated, domestically or internationally, in
>     an electronic communications system..."

Oh, yeah - you get charged barrel rent, too.

- - - - - - - - - - - - - - - - - - - - - - - - - - 
Finger [email protected] for PGP/RIPEM public keys and fingerprints.
Unencrypted Email may be ignored without notice to sender.  PGP preferred.
Remember: It is not enough to _obey_ Big Brother; you must also learn to
*love* Big Brother.