[773] in WWW Security List Archive
Re: More restrictive controls on cryptography proposed in US Senate
daemon@ATHENA.MIT.EDU (Michael Markowitz)
Sat Jul 15 16:25:31 1995
Date: Sat, 15 Jul 1995 10:32:52 +0000
From: mjmarkowitz@attmail.com (Michael Markowitz)
To: www-security@ns2.rutgers.edu
Errors-To: owner-www-security@ns2.rutgers.edu
Albert Lunde wrote, in reference to bill S974,
>It appears that the bill was referred to the Judiciary Committee and action
>is not imminent, but it seems this bears watching as it could have an
>extremely adverse effect on electronic commerce and network security. One
>might read it to outlaw international use of any kind of cryptography
>without Clipper-like holes: i.e. the encryption functions of PGP, SSL,
>SHTTP, etc.
Albert: I see the point of your post, but not of this last comment.
PGP is already subject to strict export restrictions, as (to a lesser extent)
are products with a hole for crypto code that can be plugged elsewhere; does
S974 affect this situation in any way? Current export/munitions control laws
already have an "extremely adverse effect on electronic commerce." Hard to
imagine another law making it worse. :-)
SSL specifies the **exportable** algorithms RC2/RC4 with limited key lengths;
you think there are no (Clipper-like or non-Clipper-like) holes there?
Wake up--as US citizens (I'm making this assumption based on your email
address), our right to the "international use" of strong crypto was taken away
years ago.
BTW, vtw@vtw.org's (my god, another CPSR front? they seem to proliferate
faster than rabbits!) reference to the "now-infamous Clipper Chip" in their
S974 analysis was thrown in purely for its emotional appeal. "universal
decoding device"? Like the one in Sneakers? Where can I buy one? Is there
an unbiased review of S974 somewhere?
Cheers.
-Michael
----------------
Michael J. Markowitz, VP R&D
Information Security Corp.
1141 Lake Cook Road, Suite D
Deerfield, IL 60015
