|Notify me of new responses|
Well, since this is a "discussion forum" I decided to throw something out there, although I don't even know if there's anyone subscribed to this :)
I'm actually going to talk about this on my presentation tomorrow (technically today) but I figure we're not going to talk much about it in class so I'd just bring it up here ...
It seems to me (and probably to most of us because of the way we voted at the Harvard session) that the government is trying to enact laws regarding cryptography that are unrealistic, unreasonable and may conceivably cause more crime than they prevent ... Now I don't know about the people at the NSA, etc. being awfully rational but I've been thinking of reasons why they are taking the position they are and these are the ones I've come up with ...
- If (and I would venture to say when) some terrorist or otherwise criminal act happens that involves the sending of encrypted messages by the criminals, the public will want something done. If what happens is anything like what usually happens in the US, they will want something radical like a stronger version of the CALEA act for the internet. They will ask for this. If the NSA, FBI, etc. weren't asking for this now, they'd be in trouble if/when this happened. (Domestic politics influence)
- All of the massive economic costs and the logistics of a program like this would more than likely be headed by the NSA and perhaps some people at the FBI and CIA. This is good, from a policy point of view, it's expected that an organization is going to argue for something that will allow it to perpetuate itself and gain more recognition. (Political science model of bureaucracy)
- Perhaps they just can't think of anything better to do and are responding to real pressures of the possibility that a lot of their control over Americans would be lost (conspiracy theory)
I'd be really interested to see what other people think ... any other ideas???
-- D J, September 30, 1999
Lucy and Dalie,
Having been in on a couple of the internal discussions about this, the scary thing is that many of the adminstration people proposing these escrow ideas really didn't undestand how technically unsound they were. That's one of the things that drove the technical community nuts: for example, sluffing over the difference in security requiremens for certification authorities and escrow agents.
The NSA folks understoof this perfectly well, but the White House types who were making the policies really didn't. This is one of the reasons that the Risks report had impact.
-- Hal Abelson, October 3, 1999
from listening to your presentation and reading the "Risks.." report, it does seem that the government is asking for something completely unreasonable in mandating key escrow agencies. It occures to me that, perhaps, the whole outrageousness factor is not that bad for them:
-- If they are unreasonable now, nothing will get done, and yet if something was to happen, they can always say: "see, we tried, but the industry wouldn't let us."
-- If this is so unreasonable, than, perhaps, the industry will be more receptive to the next proposal (like the one that came out from the Clinton administration), because it's a concession compared to the earlier efforts, even if it's still not perfect.
-- Lucy Borodavkina, October 1, 1999
I guess when I said "the government" I meant the NSA, CIA, and FBI. I've had lots of dealings with politicians and not necessarily merely about technical topics but I've also noticed that they, like the average American, are very uninformed regarding technical issues. Naturally they come from very different backgrounds and very few of them have technical training so I wouldn't expect them to understand all the issues involved, I'd expect them to trust what the NSA et al. is telling them (and perhaps whoever else like the Risk report that cares to lobby for their opinion).
However, the NSA et al. must know better. They're the ones that I don't understand but I guess what Lucy said about them hoping to obtain a compromise between the truly unreasonable regulations and the no regulations proponents. I guess I was just hoping for them to try and come up with a reasonable strategy where they can get the industry and the public on their side. I may have been giving them too much credit.
-- D J, October 4, 1999