David Hayes <david(_dot_)hayes(_at_)mci(_dot_)com> writes:
> At 06:53 AM 11/5/97 -0600, William H. Geiger III wrote:
> > Plain and simple with or without CMR if the government is going to pass
> > laws requiring that all messages be encrypted with a government key then
> > you are f**ked, plain and simple.
>
> Your statement supposes that _the_ (singular) government will do this. In
> fact, there are many governments in the world. Some of them already have
> draconian laws, some have rejected them, and many are still sitting on the
> fence.

Absolutely. William's statement over-simplifies the logistic problems
for governments in installing GAK.

The interoperability issues (many governments with different political
stances) and ease of software migration path are important. With a
mail encryption standard, and implementations which aid the user in
complying with French (SCSSI) additional recipient requests, and with
Israel (mossad) requests the job is made considerably easier for
governments.

Let governments build their own infrastructure, let governments work
out their own software migration plans, and let governments deploy
their own software.

Clipper failed, let's not help them build clipper VI aka OpenPGP with
CMR.

> PGP is supposed to protect our information from adversaries, even
> democratically elected adversaries.

Right. Security risks aren't fussy about the politics of the people
who exploit them.

> It would be better NOT to have features which are easily abusable by
> adversaries, even if those features have some legitimate use. Certainly
> such features should not be REQUIRED elements of a standard.

Fortunately the CMR approach fails for security reasons alone, so we
can dismiss it for that reason. (Though I do agree with the above
statement).

> Thus, using GAK means cutting one's self off from the rest of the
> non-GAK world.

This is exactly what I argue we should be engineering in open
standards: extra GAK resistance. If the international standards
purposely make it difficult to install GAK we have half won the
battle. The IPSEC IETF standards people grok that argument, Ian Brown
posted a URL a while back on this list explaining this strategy.

To take an example SSL is forward secret. This means that it is hard
to install `corporate/government web traffic recovery' because there
is no software available to do it, and because it would cut those
governments which tried it off from the rest of the world.

This is why some of us have been arguing for forward secret transport
level security for mail delivery.

Adam
--
Now officially an EAR violation...
Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`