[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Talking to Jim

On Sun, 3 Dec 1995, Anonymous wrote:

> Jim Clark was quoted as having written:
> > I made some pragmatic comments.
> > I said that if we are to use this encryption technology in 
> > business, we must have a better solution than to limit 
> > keylength or put keys in escrow. All governments of the world 
> > have a valid concern about terrorism and other activities of 
> > concern to the security of their nations. 
> So what?  If their position were (as it has long been in some countries)
> that their "concern" is best addressed by wholesale eavesdropping and  
>  informant networks, would you cave to that, too? This is an absurd 
>  foundation.

Worked great in France, right?  No terrorist problems there or anything.

> > All of them will continue to restrict our ability to provide 
> > products to their markets unless we build in some mechanism 
> > that allows them to legally access information that is in the 
> > interest of their national security. 
> Whoa!  You're giving away the store without a fight!  You've been able to
> capture what, 60-70% of the browser activity "market" and get a huge 
> amount of capitalization from the public market, and you're whining that 
> the world's going to end if government "restrictions" continue, just 
> because those restrictions might slow down your commercial world 
> conquest? Give me a break!

Mr. or Ms. Anonymous here has hit on the nose what irritates me about 
Netscape's attitude.  For them opposing GAK is not voluntarily installing 
it into their software, sending a lackey (who may or may not know squat 
about how to schmooze washington and beltway fever types) to babble at a 
conference, and generally snowjobbing the educated portions of the 
marketplace by claiming to be on their side in opposition to GAK.

I am reminded of a certain dictator of a certain canaled nation who's 
anti-drug rhetoric was the strongest voice in Central and South America 
for a time.

> LET THEM CONTINUE to restrict! That will take care of itself quite 
> handily. You're just afraid you'd miss some opportunities, or be one of 
> the commercial casualties, isn't that right? Isn't that what this is 
> really all about?

I think it's more about laziness actually.  Netscape would (should) see 
quite quickly that key escrow is going to hurt them in the foreign 
market, and to some extent in the United States.  One would expect them 
to discover this and be screaming bloody murder.

As I have said before, as I will repeat, I'm sure the list is tired of my 
babbling, Netscape has a voice.  If Netscape were to scream and yell that 
GAK is unacceptable, people would take notice.  What does Netscape have 
to lose exactly?  If they still make GAK the law of the land, Netscape 
is, of course, probably going to comply.

_What does that have to do with trying to prevent it from ever being made 
the law of the land?_

I am saddened that the company which has so much power today to further 
the technology, the freedom and velocity of information, and privacy, is 
such a bowl of pudding.

> And a valid concern, too, but not at the expense of my 
> freedom! It seems clear from the way you put this that world 
> standardization at ANY level of security would satisfy your commercial 
> objectives.

Which is a silly objective considering the inviability of a NSA designed 
escrow system in any foreign market.

> > (We obviously cannot be involved in determining what is legal 
> > by the laws of that country.) 

Determining the falsehood of this statement is left as an exercise for the 

> > This is not just a US government problem. Until recently, 
> > France did not even allow us to sell products with 40-bit 
> > keys, much less 128-bit keys. 
> And some of us think that such idiocy, like celibacy, is a 
> self-correcting phenomenon in this information age.

Why any company would model their efforts after the French government is 
a complete mystery to me.

> > A lot of ordinary citizens are rightly concerned about their 
> > own privacy. 

Here comes the snow job.

> > I am one of them. 

It's going to be a white christmas honey.
> > I do not want the government to snoop on me, 

Did you buy road salt?

> > but in fact the government, through the FBI, can now tap my 
> > phone without my knowing it by simply getting sufficient 
> > evidence that I am conducting illegal activities, then 
> > presenting this evidence to a court to get permission. I have 
> > no say in the matter.

Gee, let's make sure they can do it for Netscape too!

> > If we as a company were to take the position that in no case 
> > will we allow a government to get access to our encrypted 
> > messages, or refuse to allow key escrow with our products, 
> > the governments of the world will quickly put us out of 
> > business by outlawing the sale of our products in their 
> > countries. 

Wow.  Where did you learn your economics?

In the alternative, where did you learn your propaganda skills?
This sounds like School of the America's Stuff.

> I believe you have underestimated the power of a leading-edge 
> 21st-century information product that is "Not available where 
> regulated." I think you're copping out and looking for the easier, "Now 
> with the best encryption available! (because no one is allowed to offer 
> better)"

In fact, if Netscape really wanted to do well, they should be promoting 
their product, which I might add has a strong showing in the 18-24/5 
bracket- precisely that bracket likely to fret over government involvement,
as "Crypto so strong, it is banned in (x) countries!"

> > The fundamental issue is how do we accommodate the 
> > requirements of governments, while protecting our 
> > rights as citizens.

WOAH!  Now I'm REALLY pleased I sold my stock.

They bloody well SOUND like the NSA.

> > None of this represents the position of Netscape with 
> > respect to what we will do. 

Perhaps, perhaps not.  It sure seems to represent the attitude we can 
expect even from the 'pro crypto' types in Netscape.  If this is the 
limit of your potential....

> > But if we do not come up with a solution to this problem 
> > that is acceptable to each government, 
> There it is:  Supine, prostrate, submissive.

Jim, and Netscape in general, simply has no idea what-so-ever what kind 
of sword they are carrying.  Someone needs to give them a shot of 

> > In fact, we could even be ordered by our own government to 
> > establish a key escrow system for its use inside the US.

The way you are going, you will.  Why, as you sound so upset about this, 
aren't you DOING something?  Why aren't you out behind a podium pounding 
your shoe with:

"We will not accept GAK, it is wrong, we will bury you."

The time for submission and kissupping, for which there will be MUCH 
time, as AFTER GAK is mandatory.  (Some might argue that this is the time 
for work to have it repealed, but they don't know much about institutions 
in the U.S.)

> > Ironically, anyone in the US may import unbreakable 
> > encryption technology from another country -- we just 
> > cannot sell it back to them. No one ever accused the 
> > government of being rational.

> This is the clearest thing you've written in the whole piece

He is confused.  He knows the issue, he just doesn't know what to do.  
Like a child with a firearm.

> > I chair an industry group called the "Global Internet 
> > Project", with members from almost twenty companies, 
> > including companies from Asia and Europe. This was the 
> > central issue we all agreed upon this morning, and we 
> > are putting together a policy statement whose purpose 
> > is to educate lawmakers on the importance of quick 
> > resolution of this matter.

Wow.  You have done more damage than you know.

A quick resolution is going to be in your detrement.

"Diamond, oh Diamond, you know not the mischief done."

My prefered and soon to be permanent e-mail address: [email protected]
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information