Re: Nuanced points and RFC 1984

Hi Harald,

On 8/18/15 9:59 AM, Harald Alvestrand wrote:

> I have noted that the heat of this discussion increased sharply when
> Apple and Google started device encryption by default - that is, people
> who did not care (before meeting law enforcement) would get their data
> encrypted. This obviously also means that bad actors who did not care
> would get their data encrypted - which means that they did not *need* a
> clue in order to be protected.
>
> I think this illustrates the natural tendency of technology adoption:
> Things that required significant smarts 10 years ago is now just "what
> everyone does"; things that requires significant smarts now will be
> "what everyone does" in 10 years - unless steps are taken to stop it.
>
> RFC 1984 was not about describing the state of the world in 1996. It was
> about influencing the state of the world in 2006 (and 2016!) - helping
> along the things we thought would make the world better by then
> (deployment of encryption) and defeating the proposals we thought would
> make the world a worse place (among other things, mandatory key escrow
> and all the limitations on technology that such a mandate would have to
> impose in order to be effective).
>
> That's the perspective we need to have.
There is what is technically advisable, technically possible,
technically inadvisable, and simply impossible.  The law enforcement
community may lack this understanding. 

There is that which is required by law enforcement and desired by law
enforcement, and what would be a "nice to have".  Our community
certainly lacks this understanding.

When they think what we are doing is harming their interests, it is best
that the above situation be resolved.  That has been my point.

Eliot

signature.asc
Description: OpenPGP digital signature