[7254] in cryptography@c2.net mail archive
Re: NSA back doors in encryption products
daemon@ATHENA.MIT.EDU (Greg Broiles)
Thu Jun 1 23:47:46 2000
Message-Id: <4.3.1.2.20000601171524.00adc300@speakeasy.org>
Date: Thu, 01 Jun 2000 17:15:29 -0700
To: "Steven M. Bellovin" <smb@research.att.com>,
"Arnold G. Reinhold" <reinhold@world.std.com>
From: Greg Broiles <gbroiles@netbox.com>
Cc: Rick Smith <rick_smith@securecomputing.com>, John Gilmore <gnu@toad.com>,
cryptography@c2.net, gnu@cygnus.com
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format=flowed
At 05:39 AM 5/27/00, Steven M. Bellovin wrote:
>That's tricky, too, since the Constitution provides the *defense* with
>a guarantee of open trials. At most, there are laws to prevent
>"greymail", where the defense threatens to reveal something sensitive.
>In that case, the judge reviews its relevance to the case. If it is
>relevant -- and a back door used to gather evidence certainly would be
>-- the prosecution can either agree to have it revelated or drop the
>case.
The Cyberspace Electronic Security Act - at least the version proposed in
September 1999 - didn't limit its effect to criminal trials. In particular,
the proposed section 18 USC 2716(a) of the Act would allow the US
government to file a request with the judge for a protective order
prohibiting disclosure - even in civil cases, even where the government
isn't a party to the litigation. Further, the court can prohibit disclosure
of trade secrets held by private parties disclosed to the government -
like, for example, an unknown vulnerability or back door which allowed
decryption or other security failure.
The text of the 9/1999 version is available online at
<http://www.cdt.org/crypto/CESA/CESArevised.shtml>
