"Stewart" == Stewart Bryant <stbryant(_at_)cisco(_dot_)com> writes:
Stewart> On 13/08/2015 16:10, Dave Crocker wrote:
Stewart> Dave
Stewart> Many of the interesting cases can be addressed by some
Stewart> mixture of extreme key fragmentation with escrow fragmented
Stewart> across a set of organizations that are both unable and
Stewart> unlikely to collude, but would co-operate with an
Stewart> appropriate third party if presented with the appropriate
Stewart> justification.
Stewart said that he was worried that bringing RFC 1984 to BCP would
discourage us from adequately considering law enforcement's needs in our
work.
If the above sort of technical approach is what it would mean to
consider law-enforcement needs, I'd like to confirm that my intent in
supporting RFC 1984 to BCP is to discourage such work in the IETF.
I consider that best for the Internet.
There was a lot of discussion around these issues during the 1990's and
I generally support the arguments presented at that time which I believe
are a response to Stewart's technical objection.
Which is to say, I think the point Stewart is making has been considered
for 20 years and I really hope he's in the rough on this issue.
While we were mostly focused on Clipper in the 90's, we did discuss the
general problem of key escrow including distributed systems like the
above.
RFC 1984 points out one way in which such systems are ineffective:
multiple encryption.
So, since I believe such a system would not be effective, and since I
think it would tend to have harmful properties, I do not support it, and
I do believe we as a community are saying we don't support this when we
move RFC 1984 to BCP.