[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Whom can you trust with your keys -- government version



> From:          Hal Abelson <[email protected]>
> Date:          Thu, 12 Dec 1996 15:29:25 -0500
> To:            [email protected]
> Subject:       Whom can you trust with your keys -- government version
> Reply-to:      [email protected]

> -----BEGIN PGP SIGNED MESSAGE-----
> 
> 
> The Commerce Department draft crypto export regulations (see
> http://www.steptoe.com/commerce.htm) include the following stipulation
> on Key Recovery Agents:
> 
> 
>     Evidence of an individual's suitability and trustworthiness [to
>     act as a key recovery agent] shall include:
> 
> 	(i) Information indicating that the individual(s):
> 
> 	     (A) Has no criminal convictions of any kind or
> 	     pending criminal charges of any kind;
> 
> 	     (B) Has not breached fiduciary
> 	     responsibilities (e.g., has not violated any
> 	     surety or performance bonds); and
> 
> 	     (C) Has favorable results of a credit check;
> 	     or,
> 
>        (ii) Information that the individual(s) has an active
>        U.S. government security clearance of Secret or higher
>        issued or updated within the last five years.
> 
> It's nice to know that we can trust ex-cons, frauds, and deadbeats to
> hold our keys, provided that they have obtained a Secret clearance.

Sorry, but you're mistaken. There is an implied AND between (i) and
(ii), not an OR. 

Curiously, it looks like I may be eligible to run an GAK service.

Peter Trei
[email protected]