[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Baltimore security conference, opening session



I attended the opening session of the National Computer Security
Conference this morning.  Actually it's been renamed to "Info systems
something-or-other", but I don't recall what.

The opening session is NIST's opportunity to take center stage, which
they did.  

The most interesting information to come out of the session was that
the govt is still pushing very hard for key escrow.  Most of the
speakers mentioned key escrow, and talked about the need for business
and govt to compromise to meet the needs of law enforcement blah blah
blah.

The "distinguished awardee" is Dennis Branstad, his speech was read by
Steven Walker.  In it, Branstad claimed that key escrow is a great
gift being provided by the government to the private sector, and that
companies want it a lot.

Stuart Katzke from NIST said that "our" goal (where "our" is
computer security professionals) is to deploy secure systems, but he
believes that "we" often lose sight of that goal.  Said that govt and
industry need to find compromises so that both can meet their goals
and get systems deployed.  I belive he mentioned export laws and key
escrow as areas for potential "compromises", but am not certain; if
not stated it was implied.  My interpretation is that he claims
those who object to key escrow are getting in the way of deploying
secure systems.

Someone, I don't recall who, pointed to the european "interest" in key
escrow, saying other govts might not allow systems to be deployed
without key escrow, thus key escrow was a good thing.

Mike