[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Keepers of the keys




-----BEGIN PGP SIGNED MESSAGE-----

At 03:25 PM 7/18/97 -0700, Steve Schear wrote:
>At 1:36 PM -0700 7/18/97, Lizard wrote:>Frankly, I find it mildly
>>amusing no one has asked the Congressional defenders of key escrow, point
>>blank, "What safeguards do you have against keys falling into the hands of
>>the next Ames?" Who watches the watchmen?
>
>Why not go one step further and get the strong crypto supporters in the
>Senate to tack on an ammendment to the McCain-Kerrey-bill forcing the FBI
>and our most secret security agencies to use the very same
>government/industry escrow entitites (but not any of the intelligence
>organizations themselves) for all their encrypted data storage and
>communications traffic and requiring regular GOA compliance reviews.

If you want to diddle with GAK provisions to make them just a little
more palatable (honey to make the pill go down?), I prefer my old one
from 1993 (and 4 and 5 and 6 ...).

Have the key split 12 ways, by XOR, so you need all 12, all have to 
agree the desire is justified and all can do whatever they want
with the information that the key request came in and was or was
not satisfied (by them):

1)	ACLU
2)	NRA
3)	Republican Nat'l Committee
4)	Democratic Nat'l Committee
5)	N Y Times
6)	Washington Post
7)	Christian Coalition
8)	Libertarian Party
9)	FBI
10)	NSA
11)	Speaker of the House of Representatives
12)	U S Supreme Court

Deliver requests by US Postal Service.

Have each session key released individually
(by having the sender split the session key 12 ways and
encrypt each piece under the public key of a different
agency listed above).

All requests include the name of the target and the
reason for the suspicion.  Since all the above can be
trusted, there will be no compromise of law enforcement
objectives.

 - Carl




-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv

iQCVAwUBM9AdCVQXJENzYr45AQGVPgP+LULZPUSQB+xOm8nv5RfNCnAPy3XgK4vR
rSxTuVw2kS/xVSb/gKNNfA5E4Eb+B/2H9zylfOe8Sz3ki5kWoP0xJvXhNIikNFb4
+fTJFClfWbONYag01kLQRjYiXvcVN+T6oH4s8490R2rgTpRebSG5opPMLaBTSpI8
R292Uw4719c=
=4+Ph
-----END PGP SIGNATURE-----


+------------------------------------------------------------------+
|Carl M. Ellison  [email protected]   http://www.clark.net/pub/cme |
|CyberCash, Inc.                      http://www.cybercash.com/    |
|207 Grindall Street   PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103  T:(410) 727-4288  F:(410)727-4293        |
+------------------------------------------------------------------+