Re: RIPE22: Agenda - on escrow in europe - plz ignore if not interested in net security

[Piet Beertema <]

    it is likely that the EC will recommeond that the EU moves to
    a) no public domestic use of strong encryption
In some countries it's already far too late for that.
    b) escrow keys held by some EC agency
Hah!
    
    this is despite the fact that there are NO technical experts
That's quite common for the political bodies
that decide in such issues.

    that I know of that agree that
    1/ terrorists, drug dealers and dissemiantion of obscene material
    will be affected in the least
Of course they won't be affected. Just like a
thief isn't affected by laws that forbid theft.

    2/ Key escrow is inherently unsafe since the holders of the escrowed
    keys are not part of the users' audit mechanisms - furthermore, it is
    a potential invasion of the right to free and private speech, and
    represents a direct attempt to exert more (international) state control
    than is tolerable by almost all internation commerce.
Exactly! And I bet that the strongest advocates
of this sort of nonsense are countries like France
that in this (and other) respect are police states.
    
    Most large commercial organisations that really need strong crypto
    will of course find ways around (e..g SWIFT use DES already for
    banking - I am sure that the large financial insitutes will get
    special permiossion to use 128bit or larger keys for RSA)
Others will too.
    
    It is very sad that the EC has such incompetent technical advice.
Nothing new under the sun... :-(

A while ago encryption was about to be outlawed in
the Netherlands. Thanks to fierce opposition from
many sides, not in the least "official bodies" with
real technical knowledge, the whole proposal was
turned down. Let's hope history won't repeat itself
in this case.


	Piet