From: Al Thompson Area: Public Key Encryption To: All 21 Oct 94 11:40:04 Subject: Clipper, Wiretaps, PGP, & the FBI UpdReq CyberWire Dispatch // Copyright (c) 1994 // Jacking in from the "Sooner or Later" Port: Washington, DC -- If private encryption schemes interfere with the FBI's ability to wiretap, they could be outlawed, according to recent comments made by the agency's Director Louis Freeh. Freeh told attendees here at the recent conference on Global Cryptography that if the Administration's Escrowed Encryption System, otherwise known as the Clipper Chip, failed to gain acceptance, giving way to private encryption technologies, he would have no choice but to press Congress to pass legislation that provided law enforcement access to *all* encrypted communications. If, after having pushed Digital Telephony through Congress (which hadn't yet happened when Freeh spoke at this conference), all the Bureau ended up with during wiretaps were the scratchy hiss of digital one's and zeros being hurled back and forth, Freeh made it clear that he would seek a congressional mandate to solve the problem. In other words: Roll your own coded communications; go to jail. Freeh's comments, made during a question and answer session at the conference, are the first public statements made by an Administration official hinting at a future governmental policy that could result in the banning of non-governmental, unbreakable encryption methods. Freeh's remarks were first reported on the WELL by MacWorld writer and author Steven Levy. The FBI confirmed those statements to Dispatch. The Administration, however, continues to state that it has no plans to outlaw or place any restrictions on private encryption methods. A White House official said there are "absolutely no plans" on the table to regulate domestic encryption "at the present time." He wouldn't comment, however, as to whether the Administration would back an FBI attempt for such legislation. "Freeh doesn't seem to need a lot of White House support," to get things done, the official said. FBI sources said any moves to approach Congress about regulating private encryption are "so far out there" time wise, that the subject "doesn't merit much ink," as one FBI source put it. "We've got to make sure the telcos rig up their current networks according to the new [digital wiretap] law before we go worrying about private encryption stuff," he said. An FBI spokesman confirmed Freeh's position that the Bureau would aggressively seek to maintain what the spokesman called "law and order objectives." If that meant getting laws passed so that the Bureau's "authorized wiretap activities" couldn't be thwarted by "criminal elements using non-governmental" encryption schemes, "then that's what he [Freeh] would do," the spokesman said. When the Administration went public with its Clipper Chip policy, it stressed that the program would not be mandatory. Many civil liberties groups wondered out loud how long it would be before private encryption was banned altogether. The White House, anxious for the public to buy into its one-trick pony the Clipper Chip, said that wouldn't happen. But the Administration hedged its bet. Buried in the background briefing papers of the original Clipper announcement, is a statement that the White House doesn't consider the public's right to use private encryption methods are protected anywhere in the Constitution. Meeks out... 201434369420143436942014343694201434369420143436942014343694718 From: Christopher Baker Area: Public Key Encryption To: All 23 Oct 94 14:02:24 Subject: PUBKEYS hatch UpdReq -----BEGIN PGP SIGNED MESSAGE----- the following was just hatched into PUBKEYS file distribution. all PUBKEYS links please poll. PGPLD1-2.ZIP PGPLoad - allows PGP use in BlueWave, v1.2. [15K] [also hatched into SDS area SOFTDIST.] anytime except 0100-0130 ET and Zone 1 ZMH at 1200-9600+ HST/V32 for FidoNet listed systems [and their legal points] only. TTFN. Chris -----BEGIN PGP SIGNATURE----- Version: 2.61 Comment: PGP 2.6.1 is LEGAL in Zone 1! So USE it! [grin] iQCVAwUBLqqlNMsQPBL4miT5AQEo2QQAqbSQVLB5AfIfzxD15W0k1R5bsaoGg9JT EZUmEaQOxKv7MgSVWpQ3k422iHPzhgHOwDZORp1oW1QzEVANAQzWMdOUOTWXGmZT js6K2K03P2s6XiAcRIOlCY7sfUCbXc1Pv69zpyHCc8tIOejZ981gARDmbq+z8Tzr OrjifUH9yzs= =ySBq -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Peter Bradie Area: Public Key Encryption To: Brian Mcmurry 20 Oct 94 19:55:00 Subject: Pgp signatures UpdReq -=> Quoting Brian Mcmurry to Joe Eversole <=- JE> You're the only person I have a key for that you sent this to... Where do JE> you find your keys? I usually add most keys I find in the PKEY_DROP JE> echo... BM> You're on my keyring. I add most of the ones that come through BM> PKEY_DROP and cypherpunks. If I'm out of line, please let me know. If not, then could you explain the rationale for accumulating keys from people you do not know or have only read some of their writings in one or two echos? That strikes me as similar to enscribing the telephone book in your private number list. If PGP is the equivalent of a mailing envelope for E-mail (a good analogy for privacy in communications), why collect the addresses of people to whom you would never write? Beyond the Web of Trust is the Web of Usefulness. IMHO, the only keys of value to me are 1) those I have acquired via netmail or other one-on-one communications, and 2) those with whom I would expect to entertain private communications. I'm sure you are a nice, reliable person. I don't need your key to make sure you're the person who has signed a particular message because I don't know you from Adam's off ox, and the validity of the message is as valid as I know you to be; whether signed or not. Would this message have any greater significance to you if I had 'signed' it and posted my key in PKEY_DROP? ... Sometimes you gotta THINK about it... ... Blue Wave/QWK v2.10 201434369420143436942014343694201434369420143436942014343694718