Marcus wrote:
| Daniel Dill writes:
| >'third "neutral" party' key escrow sounds to me like a software version
| >of Clipper.
|
| That's exactly what it is.
|
| The same agencies that sponsored Clipper are pushing for
| "software key escrow" for the same reason. The carrot they are
| dangling is that some high quality crypto (DES, forget 3DES or IDEA)
| may be OK'd for export if it uses "key escrow." (A better term for
| it is "government access to keys")
| It is unamerican. It is wrong. Just say "no."
As long as the 'escrow features' are configurable (to the
choice of agents, including /dev/null) key escrow is a useful thing.
Its only when the government chooses your agents that mandated KE is a
problem.
This is a technical point, despite its resemblance to a
political one. My firewalls are built as instruments to enforce trust
boundaries. GAK et all force me to add several nameless government
agents to my trust models. Bad engineering, really.
Adam
--
"It is seldom that liberty of any kind is lost all at once."
-Hume
References:
|
|
