[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

New Computer Security Act




The Computer Security Enhancement Act of 1997 (HR1903)
is intended to replace the Computer Security Act of 1987.
It redefines the role of NIST in meeting federal computer security 
and encryption requirements through cooperation of industry. 
Public use of encryption is also addressed in the bill.

Two lengthy reports on the bill have been issued recently, both
of which provide overviews of the current encryption debate.

House Report 105-243, published on September 3, provides a 
detailed analysis of the bill, hearings held, floor remarks and 
mark-ups since introduction:

   http://jya.com/hr105-243.txt  (115K)

And one published today includes recent floor remarks on 
encryption, mostly supportive of public use:

   http://jya.com/hr1903-floor.htm  (44K)

One point of contention is the evaluation of foreign encryption.
The original bill put that responsibility on NIST, but the latest version
deleted that and leaves the task to BXA (and unnamed others).
Moreover, there's dispute over committee jurisdiction for other 
provisions.

Information security now attracts the swarm, with encryption the 
moths' beacon.