
Re: FCPUNX:PGP Key Escrow and Congress

At 01:27 PM 10/15/1997 -0500, William H. Geiger III wrote:
>>Do the privacy of the nation's data and the security of its
>>information infrastructure deserve the same consideration as the
>>Pentagon's "Confidential" memos?  When you're planning to build in a
>>single point of failure, this is a question you have to ask.
>
>There are those of us who see a single point of failure in such
>infrastructures as a GoodThing(TM).

However, they are incorrect :-)  The primary failure mode is
"someone official decides to rip off somebody's information".
A single point of failure means there's one big temptation target
where every official can rip off everybody's information -
but in this case that failure will not be repaired:
- it won't be reported most of the time, and 
	undetected failures are the worst.
- the cost of redesigning the system will be so large
	that even a glaring massive public failure
	won't lead to shutting it down.
- the least-bad "fix" for the problem will be to add
	official bureaucracy to the process of ripping off info,
	and maybe the individual miscreant will get wrist-slapped harshly.
- the failure will be blamed on the Four Horsemen, not the system.
- the probable "cure" will be to appoint a Data Privacy Ombudsczar,
	who will have authority to interfere with all sorts of
	private data but won't mess with the big Federal infrastructure.

Multiple small points of failure mean that it's less likely
that the official who wants to rip off information has access
to the set of information he wants to rip off.  You could argue
that there would be more officials with access, but probably not,
since a big pile of information is something that attracts officials
far faster than little boring piles.
				Thanks!
					Bill
Bill Stewart, [email protected]
Regular Key PGP Fingerprint D454 E202 CBC8 40BF  3C85 B884 0ABE 4639