John [Gilmore],
I first joined the ACLU back in about 1953. My favorite book in high
school was John Stuart Mill's "On Liberty." I don't think I need any
lectures from you or anyone else on the subject of our constitutional
rights, and the degree to which they are often threatened in the interest
of "political correctness."
If you will go back and look at the context of my message again,
you will see that I was advocating a separation between the ability
to communicate securely with someone, vs. the necessity or
advisability of believing or trusting someone BY DEFAULT whom
you have never met, nor been introduced to by someone whom
you trust. I was arguing that the IPRA scheme may make it possible
to syntactically authenticate and therefore securely communicate
between two parties, but that the current system provides minimal
semantic authentication. In particular, I was opposing the notion of
bilateral trust as being the norm for most interactions across PCAs
with different Policies.
I have no problem at all if you wish to communicate with me, or the
President, or anyone else in the world using encryption for legal
purposes. Regardless of those who would like to require the use of
Clipper by innocent people without having any probable effect
on the criminal population, I would like to think it was your right to
use PEM with 16-fold DES and 4000 bit RSA keys if you choose to
to do so and can find someone else to use such a system.
Unfortunately, despite the fact that a number of the Founding
Fathers were pretty good cryptographers, especially Thomas
Jefferson, they didn't include the right to encrypted communications
within the Bill of Rights, so we are going to have some problems
with those who tend to think that the ends justifies the means.
Maybe you ought to push for a Constitutional Amendment.
However, although I would like to think that you have the right to
communicate with President using encrypted PEM, I think you
would have a very hard time arguing that he has any
OBLIGATION to respond to you in the same manner,
especially if you do not even extend sufficient bone fides
to let him know with some reasonable level of assurance
who you are. Let's face it -- present company presumably
excepted, there are a lot of certifiable nuts out there, and
a lot of them love to write.
(In fact, I might even enjoy an academic argument along
the lines that the President, the White House staff, Members
of Congress, and other senior members of the three houses
of government ought to be ENJOINED from using
encryption, unless or until some effective key escrow
technology is employed. What if the Nixon tapes had
been encrypted? (If the system is still in place, I'd bet
they are now.) What if Oliver North hadn't been so
stupid and/or trusting about the confidentiality of his
e-mail messages on the White House PROFS system? :-)
As I said to Steve Kent, my primary interest, and the context
that most of my discussion over the last several years on pem-dev
has involved, is in the area of BUSINESS uses of digital signatures
for purposes of electronic commerce -- not just the stylized EDI
transactions, nor the equally restricted X9 financial instruments --
but the routine correspondence that goes on inside a company
and to a lesser extent between companies.
I certainly understand that there are plenty of legitimate uses
for various Persona-based communications, and I'm even willing
to tolerate many of the quasi-legitimate uses that will inevitably
spring up (as long as they don't do it in the streets and frighten the
horses, as a broad-minded Victorian lady (Lady Chesterton?) was
said to have said).
I can also think of many, many applications for both encrypted and
digitally signed mail that would make use of software-based schemes
with minimal verification of identity and little or no legal validity or
intent, and for those applications the TIS medium-integrity PCA
would seem to be well-suited.
But please don't deny me the ability to define and use a much higher
standard of care for commercial transactions, FOR USE BY THOSE
PEOPLE WHO ALSO HAPPEN TO FEEL THE NEED FOR SUCH
ASSURANCE TO FACILITATE THEIR ROUTINE BUSINESS
TRANSACTIONS. I hope that the RSA Commercial Hierarchy can
be used for such purposes, and as a potential customer I am working
to try to define an appropriate Policy for that PCA, assuming
that others will join up as well.
I thought that people's emailed messages would be evaluated
based on their content, not based on who they know or what
`in-group' they are a part of.
Jonh, I would not like to accuse you of being naive, but ...
I have evaluated many of your messages over the last several
years, independent of who you "are" or what organization you
might belong to. I've even learned a few things, and you've
help influence my thinking in a number of areas. But it wouldn't
have mattered a whit if you had digitally signed them as gnu(_at_)toad(_dot_)com
I still wouldn't pour out my most private thoughts to you (or anyone else
who typically doesn't even include his name in his email address)
even in (especially in) encrypted form, nor would I agree to buy
or sell something from or to you without substantially better proof
of your identity and financial probity than you typically offer,
and I am sure that you would agree that is my right.
To quote Ronald Regan, AKA "The Great Satan" in some
circles, "Trust, but Verify". Sorry I can't remember the
Russian, but my email system wouldn't handle the Cyrillic
characters very well anyway.
Or, as I read in "Life's Little Instruction Book" the other day,
"Never trust anyone who is all hat and no cattle."
Bob