Caspar Bowden on Cypherpunks 1996-98

1. From [email protected] Wed Dec 17 23:17:14 2003
2. From: Caspar Bowden <[email protected]>
3. Date: Sun, 27 Oct 1996 04:46:46 -0800 (PST)
4. Subject: ANNOUNCE: Scientists for Labour encryption and escrow conf, Nov 14th,"Liberty on the Line"
5. Message-ID: <[email protected]>
6. MIME-Version: 1.0
7. Content-Type: text/plain
8.  
9.  
10. Full details: http://www.shef.ac.uk/~sfl/meetings/itconf.html
11.  
12. PLEASE DISTRIBUTE AND LINK TO YOUR WEB-SITE:
13.  
14. Scientists for Labour - IT & Communications Group
15. Conference on Information Superhighway Policy
16.  
17. ---------------------------------------------------------------------
18. "Liberty on the Line : Opportunities and Dangers of the Superhighway"
19. ---------------------------------------------------------------------
20.  
21. Chaired by Geoff Hoon MP, Shadow Minister for IT
22.  
23. Thursday 14th November 1996, 9am - 5:30pm
24.  
25. MSF Centre, 33-37 Moreland Street, London EC1 (Angel tube)
26. ---------------------------------------------------------------------
27.  
28. For further details or to reserve a place contact:
29. Caspar Bowden, SfL IT & Comms co-ordinator ([email protected])
30.  
31.  
32. The debate over Internet regulation in the UK has focused mainly on
33. censorship, but the standards for control of "encryption keys", currently
34. being formulated nationally and internationally, will lay the permanent
35. foundations on which the Information Society is built. The long-term
36. implications for civil liberties have received little public attention
37. outside the Internet community.
38.  
39. Scientists for Labour is hosting a conference to look at the data protection
40. and economic issues arising from the integration of digital signatures,
41. electronic copyright management, and digital cash. What kind of regulatory
42. apparatus will allow rapid growth of an information economy, but prevent
43. misuse of personal data ?
44.  
45. *) New government proposals on "Trusted Third Parties", which aim to preserve
46. law enforcement and national security capabilities for warranted
47. interception of communications (to fight crime and terrorism), place only
48. procedural not technical limits on the scope of Superhighway surveillance.
49.  
50. *) Super-computers have the potential to conduct random electronic "fishing
51. expeditions" against the whole population. Telephone and letter
52. interception cannot be automated : digital monitoring can.
53.  
54. Will legal safeguards against abuse offer adequate protection in perpetuity,
55. or can cryptographic protocols be designed which make Superhighway mass-
56. surveillance impossible, while still allowing criminals to be targeted ?
57.  
58. Computer and legal policy experts will explain the principles of the
59. different technologies, and the international and commercial context, in a
60. search for interdisciplinary solutions.
61.  
62. The attendance fee is ?5 (?2 unwaged ; SfL members free)
63.  
64. For press information please contact :
65. Bobbie Nicholls, SfL Press Officer, Fax: 01235 529172
66.  
67. The Scientists for Labour home page (http://www.shef.ac.uk/~sfl/)
68. has information on how to join SfL, or contact the Secretary :
69. Dr Robin Walters ([email protected])
70.  
71.  
72. Programme
73. ---------
74.  
75. 9.00-9.30 Registration SfL members free, non-members ?5 (?2 unwaged)
76.  
77. 9.30-9.45 Geoff Hoon MP Introduction
78.  
79. 9.45-10.45 Dr.John Leach Cryptography and developments in Trusted Third
80. Party policy
81.  
82. 10.45-11.45 Dr.Ross Anderson Some problems with the Trusted Third Party
83. programme
84.  
85. 11.45-12.00 Coffee
86.  
87. 12.00-12.30 Simon Davies Escrow and the hidden threat to human rights
88. and privacy
89.  
90. 12.30-1.00 Elizabeth France (Data Protection Registrar)
91.  
92. 1.00-2.00 Buffet lunch
93.  
94. 2.00-2.45 Prof. Charles Public policy and legal aspects of Intellectual
95. Oppenheim Property Rights
96.  
97. 2:45-3.30 Alistair Kelman Electronic Copyright Management :
98. Possibilities and Problems
99. 3.30-3.45 Tea
100.  
101. 3:45-4:45 Andrew Graham Will the Information Superhighway enhance or
102. diminish democracy ?
103.  
104. 4.45-5.30 Panel Session Discussion (inc. Robert Schifreen)
105. ---------------------------------------------------------------------
106.  
107. -----
108.  
109. From [email protected] Wed Dec 17 23:17:14 2003
110. From: Adam Back <[email protected]>
111. Date: Wed, 21 May 1997 06:21:11 +0800
112. To: [email protected]
113. Subject: LSE UK crypto politics conference
114. Message-ID: <[email protected]>
115. MIME-Version: 1.0
116. Content-Type: text/plain
117.  
118.  
119.  
120. I went to the conference in London on Monday organised by PI (Privacy
121. Intl.) and GILC (Global Internet Liberty Campaign.) Speakers were
122. DTI representatives, Whit Diffie, Phil Zimmermann, Ross Anderson, Carl
123. Ellison, IBM UK representative, a few people from LSE (London School
124. of Economics, who hosted the conference).
125.  
126. I don't take notes, but here's a list of points I considered
127. interesting. If you want details on any issues I can give more detail
128. as required. If anyone else reading went and did take notes they
129. might be able to attribute quotes a little more accurately. I
130. understand there's supposed to be an audio transcript on the web
131. http://www.privacy.org/pi/conference/dti might be a good place to look.
132.  
133. Government Presentation of proposal
134.  
135. 1) David Hendon and Nigel Hickson from DTI presented the DTIs arguments.
136. They argued that this is a green paper only, the government has
137. changed, the document was partly the views of the previous government
138. and partly the views of the DTI. This I viewed as an attempt to
139. deflect criticisms, as they could not specify what has changed, and
140. were not planning to change the document. (The new government have
141. not looked at the issue at all). The labour party had a much more
142. reasonable policy they published before they got in power; but it
143. remains to be seen whether they will stick to this or whether the
144. CESG/GCHQ will lobby them to adopt GAK/TTPs etc., which are in the
145. CESGs interests.
146.  
147. They claimed to not want to escrow signature keys, but only to escrow
148. encryption keys. (The wording in the document clearly states that
149. they wish to escrow all keys as a condition of being a TTP). They
150. said they had many comments on this issue. (Clearly the only use for
151. escrowing signature keys is to allow forgeries. Why would the
152. government want to forge messages from citizens? To provide law
153. enforcement access they only need access to private encryption keys.)
154.  
155. The DTI said much of licensing requirements for TTPs were modelled
156. after banking regulations.
157.  
158. Architectural and Technical
159.  
160. 2) Ross Anderson gave the example of the health service's experience
161. with CESG/GCHQ foisting flawed cryptography solution CASM on it
162. (complete with key escrow and secret algorithm Red Pike). The BMA
163. (British Medical Assoc), and even DoH (Dept of Health) rejected this
164. `offer'. Ross is a computer security advisor to the BMA. He also
165. debunked many of the lies spread by GAK proponents, and gave a potted
166. history of the behind the scenes GAK activities in the UK and Europe.
167. He also said that CASM was now the laughing stock of Europe in the
168. crypto community, and that in response the CESG had allocated a new
169. project manager and given CASM a cosmetic name change to CLOUD COVER.
170.  
171. 3) Whit Diffie argued about the importance of privacy in the
172. information society. Explained how PK crypto removed the previous
173. problems with centralised key distribution services.
174.  
175. 4) Phil Zimmermann gave his usual talk about the ethical case for free
176. use of crypto. Civil rights workers, resistance fighters against
177. governments with poor civil rights records, etc. Also made the point
178. that the backdoor into crypto the DTI appeared to be pushing would
179. allow the current government to abuse it's power to stay in
180. government.
181.  
182. Legal and Commercial
183.  
184. 5) Peter Sommer, LSE made some points on legal topics digital signature
185. legislation, etc.
186.  
187. 6) Carl Ellison, Cybercash argued against the centralised trust model,
188. and against X509. Arguing instead for distributed trust models
189. particulary Rivest's SDSI and his own work on distributed trust. Carl
190. argued that trust should represent permissions, and be administered by
191. the interested parties. (eg your bank gives you a key with permission
192. to draw money from your bank account, not some government licensed
193. TTP).
194.  
195. 7) IBM (in the form of Peter Dare, IBM UK) sold out to GAK. Peter
196. Dare's presentation started with a list of things he liked about the
197. DTI proposal, then a few minor criticisms (very respectfully put), and
198. as a punchline to his talk presenting IBM GAKware (forget the product
199. name) and his talk finished with a sales pitch for this product. At
200. the end of which Whit Diffie shouted out from the audience can Carl
201. Ellison have equal time for a cybercash sales pitch!
202.  
203. International
204.  
205. 8) John Dryden representing the OECD gave a presentation of the OECD
206. guidelines. (T-shirt and jeans odd the rest of the government and
207. business types wore suits.) He explained the guidelines as a
208. significant relaxation. The guideline referring to key escrow was
209. changed to a `may' escrow keys rather than a `should' escrow keys.
210. Said most of the time spent during the OECD SOGIS discussions was
211. spent arguing about key escrow. He considered the guidelines a
212. significant step forward. The guidelines are non-binding
213. recommendations. He said 28 countries signed up, which should
214. indicate that their countries representatives found the guidelines
215. consistent with national laws.
216.  
217. 9) Alistair Kelman, visiting position at LSE
218.  
219. Made the point (as several others had) that a general principle should
220. be that trust should mirror existing user trust relationships. People
221. do not trust government, nor the sort of large organisations the DTI
222. is clearly envisaging as suitable TTPs. He argued that GPs (General
223. Practitioners, family doctors) would be suitable candidates as trusted
224. members of the local community. Kelman also seemed to be arguing that
225. keys should handed to the user, and not generated by the user. I
226. queried him about this afterwards, as it is clearly a bad security
227. model, and he said he considered it a usability issue, generating keys
228. being too difficult for the user. I don't agree, the usability is a
229. matter to be solved by good software, not by centralising key
230. generation.
231.  
232. Civil Rights and Privacy
233.  
234. 10) Simon Davies, PI argued that case for commonality of interests
235. between business and privacy issues.
236.  
237. 11) David Banisar, EPIC talked about the history of the US clipper
238. series, and raised the topic of digital telephony bill (where the
239. government requested access to first 1% and then reduced simultaneous
240. wiretaps).
241.  
242. Following up from this someone from the floor claimed that the
243. telephone networks are tappable without the phone company (BT, British
244. Telecom's) cooperation. Indeed the person making this claim (who
245. claimed comprehensive experience and knowledge of phone routing
246. hardware) said that BT would not even be aware that the tap had taken
247. place. Several others in the audience confirmed this was the case.
248. Whit Diffie said that he had not heard this claim, and that it was not
249. the case to his knowledge in the US. The person making the claim said
250. that he knew the switches used in the US were the same (and quoted the
251. switch model), and so he didn't see why not. The question was raised
252. as to why digital telephony was necessary at all with this type of
253. phone switch being used in the US.
254.  
255. Law Enforcement
256.  
257. 12) The guy from NCIS (National Criminal Intelligence Service) didn't
258. turn up because he had to go to hospital due to an eye problem. The
259. chair, Prof Ian Angell, LSE suggested this might have been due to
260. looking through too many keyholes :-)
261.  
262. Panel and Open Discussion
263.  
264. Panel: Carl Ellison, legal advisor to GLIC (forget name), Nigel
265. Hickson DTI, someone from TIS (?) who spoke too quitely. Chair was
266. Caspar Bowden, Scientists for Labour.
267.  
268. Most of the panel session consisted of arguments directed at the DTI
269. and questions for Nigel Hickson representing the DTI. Hickson had
270. made jokes about the hostility he was expecting. He appeared quite
271. competent at avoiding answering questions directly where this suited
272. him.
273.  
274. Each panelist was given the opportunity to summarise their position.
275. Nigel Hickson claimed the main motivation for the proposal was to
276. encourage user and business confidence in digital signatures for
277. business purposes, and thereby to promote electronic commerce. He
278. used this as justification for the banning of un-licensed TTPs.
279. Several comments from the floor that it would be better to let the
280. market decide, and to allow unlicensed certification authorities, key
281. servers etc to continue unmolested, and in competition with GAKked
282. government licensed services.
283.  
284. Hickson also claimed key escrow was a small part of their
285. consideration. (I'm sure it's true that this is the part they wish to
286. downplay as this is the part which causes the majority of resistance.)
287.  
288. The question was raised as to whether the DTI understood that the TTP
289. system could be trivially bypassed by the criminals it was supposedly
290. designed to catch. An example given was that anyone wishing to bypass
291. could use the sigature key helpfully certified by the TTP to
292. authenticate non escrowed keys they generated outside the TTP system.
293. The point that there were many other subliminal channels was raised
294. also. Nigel Hickson acknowledged this, but said in defence that some
295. criminals are stupid, that criminals must talk to non-criminals.
296.  
297. Someone put it to Hickson "What is the worst thing that could possibly
298. happen if the government did nothing?" ie what if the government
299. didn't legislate anything, ie why doesn't the government get the fuck
300. out of the way so that business can get on with commerce unimpeded.
301. Several business people put it to the DTI that they didn't need any
302. `help', and that the regulations had held up electronic commerce for
303. too long already.
304.  
305. Several people argued that business is most interested in
306. authentication, and not in confidentiality. So for business purposes
307. (which what after all the DTI claim is the main reason for the paper,
308. and the DTI being after all the `Department of Trade and Industry' and
309. having a mandate to further the interests of UK businesses), they
310. could achieve what they wanted without bringing escrow into the
311. argument at all, as they have acknowledged that they will now not be
312. requiring copies of secret part of signature keys.
313.  
314. People argued against the high cost of becoming a TTP. The point was
315. raised that it should be SME (Small to Medium-sized Enterprises) which
316. are encouraged in electronic commerce. Also that many internet
317. innovations start as small or even one man consultancies.
318.  
319. Several asked whether the paper should be re-written as a result of
320. comments before being presented to the new government, as the comments
321. if listened to would remove most of the current content. Also the
322. question was asked as to whether the deadline for comments could be
323. extended beyond end of May. No substantive answer was given to either
324. of these two questions.
325.  
326. My conclusions
327.  
328. The DTI didn't really clarify their position much, most of the
329. contentious stuff (mandatory licensing, key escrow, financial barriers
330. to becoming a TTP) there were no substantive replies to from the DTI,
331. other than that they were collating the comments. They said they
332. would present the Labour science minister/labour government with the
333. green paper unmodified together with the comments. (And one presumes
334. a few spooks from GCHQ/CESG will get the opportunity to present the
335. four horsemen/spook special interest perspective). The only clear
336. statement I noticed the DTI spokespersons make was that they wouldn't
337. hold the private halves of signature keys.
338.  
339. On the positive side, the labour statement on encryption prior to
340. coming to office was no where near as draconian as the DTI paper.
341.  
342. Anyway, we'll see.
343.  
344. Adam
345. --
346. Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/
347.  
348. print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
349. )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`
350.  
351. -----
352.  
353. From [email protected] Wed Dec 17 23:17:14 2003
354. From: Carl Ellison <[email protected]>
355. Date: Fri, 23 May 1997 15:48:53 +0800
356. To: Adam Back <[email protected]>
357. Subject: Re: LSE UK crypto politics conference
358. In-Reply-To: <[email protected]>
359. Message-ID: <[email protected]>
360. MIME-Version: 1.0
361. Content-Type: text/plain
362.  
363.  
364. At 11:03 PM 5/20/97 +0100, Adam Back wrote:
365. >Panel: Carl Ellison, legal advisor to GLIC (forget name), Nigel
366. >Hickson DTI, someone from TIS (?) who spoke too quitely. Chair was
367. >Caspar Bowden, Scientists for Labour.
368.  
369. The person from TIS was Brian Gladman.
370. BTW, he wrote an open letter response to the DTI proposal which
371. is on the web from one of the standard Privacy sites.
372.  
373. - Carl
374.  
375.  
376. +------------------------------------------------------------------+
377. |Carl M. Ellison [email protected] http://www.clark.net/pub/cme |
378. |CyberCash, Inc. http://www.cybercash.com/ |
379. |207 Grindall Street PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
380. |Baltimore MD 21230-4103 T:(410) 727-4288 F:(410)727-4293 |
381. +------------------------------------------------------------------+
382.  
383. -----
384.  
385. From [email protected] Wed Dec 17 23:17:14 2003
386. From: John Young <[email protected]>
387. Date: Mon, 1 Jun 1998 11:26:58 -0700 (PDT)
388. To: [email protected]
389. Subject: Foundation for Information Policy Research
390. Message-ID: <[email protected]>
391. MIME-Version: 1.0
392. Content-Type: text/plain
393.  
394.  
395. Source: http://www.ntk.net/fipr/
396.  
397. Subject: URGENT: press release - FIPR
398. Date: Thu, 28 May 1998 16:52:16 +0100
399. From: Ross Anderson
400.  
401.  
402. Title: New Independent Research Foundation Backed by Microsoft
403.  
404. Embargoed until 11.00 Friday 29th May
405.  
406. Too often, policy issues relating to information technology are
407. seperately debated by two distinct grouups: technology experts and
408. those focused on social concerns. Policy makers face the challenge of
409. reconciling the seperate debates in areas where technology is often
410. evolving very quickly. A new research foundation aims to provide clear
411. advice that spans this gap and is independent of vested interests.
412.  
413. The Foundation for Information Policy Research will fund research into
414. how information technology affects society. It is launched at a press
415. conference on Friday 29th May at 11.00 am. (1)
416.  
417. Microsoft has contributed a six-figure sum to cover the launch costs.
418. Internet service providers Poptel and Demon are also supporting the
419. Foundation. Its independence will be guaranteed, however, by a board
420. of trustees. (2) In the medium term it will be supported by
421. subscriptions from a range of firms in commerce and industry.
422.  
423. The goal of the Foundation is to promote research and understanding of
424. the effects, and the likely future effects, of IT on society. Its
425. areas of investigation include: (3)
426.  
427. * the regulation of electronic commerce;
428. * consumer protection;
429. * data protection and privacy;
430. * copyright;
431. * law enforcement;
432. * evidence and archiving;
433. * electronic interaction between government, businesses and individuals;
434. * the extent to which various information technologies discriminate
435. against the less advantaged members of society; and
436. * the new risks that computer and communication systems pose to
437. life, health and economic well-being
438.  
439. The Foundation will also provide a valuable resource for the press as
440. it will be able to put journalists in touch with a wide range of
441. experts who can explain IT issues as they arise.
442.  
443. Contact: Caspar Bowden (Director of the Foundation) 0171 837 8706
444. Ross Anderson (Chair of the Foundation) 01223 334733
445.  
446. QUOTES
447.  
448. The Director of the Foundation, Caspar Bowden, said: ``The IT policies
449. (and failures) which the current government inherited, and the
450. decisions which will be made by them in the future, will have
451. far-reaching effects on who society's winners and losers will be. We
452. have a duty to prevent technological innovation and development taking
453. place at the expense of the poor, the old, the sick and the disabled.
454. We believe that so long as we understand the social and policy
455. implications of new technical innovations, we can make IT into a means
456. to facilitate social inclusion. The Foundation's mission will be to
457. achieve and to spread that understanding.''
458.  
459. The Managing Director of Microsoft UK, David Svendsen, said: ``It's
460. important that we contribute to a broad and informed public discussion
461. on these information society issues.''
462.  
463. The Chair of the Foundation, Ross Anderson of Cambridge University,
464. said: ``We welcome this new source of funding for IT related
465. research. An increase in the diversity of funding sources is almost
466. always a good thing, and the Foundation will be particularly valuable
467. as much of the available IT funding is directed to very short-term and
468. narrowly technical agendas.''
469.  
470. NOTES
471.  
472. (1) The press conference is at the "Scrambling for Safety"
473. conference, at the Bloomsbury Theatre, University College, London.
474. URL:
475.  
476. (2) The Foundation's Director and full-time CEO, Caspar Bowden, has
477. for the last three years been running Qualia, a consultancy business
478. specialising in internet implementations. Before that he was a
479. financial strategist with Goldman Sachs. He also researched IT and
480. communications issues for Scientists for Labour.
481.  
482. Its chair, Ross Anderson, is a faculty member at Cambridge University
483. Computer Laboratory and has done extensive research on topics related
484. to electronic commerce.
485.  
486. BACKGROUND
487.  
488. The "Millennium Bug" - the problem that many computers cannot deal
489.  
490. correctly with the date roll-over from 1999 to 2000 - threatens to
491. cause havoc with many systems and has been declared a national
492. emergency by the Prime Minister.
493.  
494. Another problem that has worried policymakers and concerned citizens
495. is that new developments in IT may discriminate against the less well
496. off members of society. For example, the current mechanisms for
497. electronic commerce depend on consumers using their credit cards to
498. order goods and services over the net. They often get a big discount
499. for buying this way; but people without credit cards may lose out.
500.  
501. The first task that the Foundation has set itself is to examine the
502. underpinnings of electronic commerce. The European Commission has
503. recently published a draft Directive on this subject and will launch a
504. period of public consultation at the same conference at which the
505. Foundation itself will be launched. (The draft directive is at
506. [missing].)
507.  
508. Other topics which the Foundation plans to investigate include:
509.  
510. * the maintenance of public records in electronic form. We do not
511. fully understand how to ensure that word processor files and other
512. electronic documents created today can be safely stored for many
513. years, and reliably made available in the future. This affects not
514. just the new Freedom of Information Act, but also the work of future
515. librarians and historians.
516.  
517. * the development of copyright law. There are some industry proposals
518. which would restrict the ability of libraries to lend out digital
519. works. Will this mean the end of the public library, as more and more
520. books, videos and other material become digital? What are the
521. implications for schools and universities? What are the implications
522. for the public, if all major sports events in future are pay-per-view?
523. Are these developments inevitable, or is there something we can do
524. about them?
525.  
526. * the introduction of electronic communication between the citizen and
527. the government has the potential to cut queues and the frustration of
528. dealing with people on the phone. However, are these changes
529. intrinsically more likely to favour the articulate, and to bring the
530. most benefit to well-off people with their own computers? What
531. technical developments are reasonably possible to ensure that all
532. citizens get a fair deal?
533.  
534. * the previous government's proposal for a "personal signature card"
535. that would give access to all government services had a distinct
536. flavour of an ID card. Are such developments necessary, or can we
537. find workable alternatives?
538.  
539. * the police are concerned about the spread of prepaid mobile phones,
540. which are increasingly used by stalkers and extortionists. However, if
541. they are banned, then how would people without credit cards obtain a
542. mobile phone service?
543.  
544. * there have been many disputes in the past over "phantom withdrawals"
545. from bank cash machines, and banks have defended themselves by
546. claiming that their computers cannot be wrong. How can this approach
547. work when millions of merchants are selling services through a wide
548. variety of computer systems? What will consumer rights amount to in
549. the information age?
550.  
551. * the failure of government computer systems - whether spectacular
552. failure due to the millennium bug, or the continuing sporadic
553. failures in the NHS - does most harm to pensioners, the disabled,
554. single mothers, the unemployed and people on NHS waiting lists (who
555. are typically elderly, female and working class). How can we
556. encourage best engineering practice in the public sector?
557.  
558. - - - ends - -
559.  
560. Thanks to Danny O'Brien, UK Crypto
561.  
562. Story: http://www.wired.com/news/news/politics/story/12624.html
563.  
564. Web site under construction: http://www.fipr.org
565.  
566. -----
567.  
568. From [email protected] Wed Dec 17 23:17:14 2003
569. From: John Young <[email protected]>
570. Date: Sat, 5 Dec 1998 04:18:32 +0800
571. To: [email protected]
572. Subject: Wassenaar Addendum
573. Message-ID: <[email protected]>
574. MIME-Version: 1.0
575. Content-Type: text/plain
576.  
577.  
578.  
579. Caspar Bowden in the UK says by telephone that a Wassenaar
580. spokesman told him today that the WA org will issue next week a
581. detailed "template" which specifies terms of the recent agreement
582. to control encryption.
583.  
584. It will go well beyond what has been heretofore generally agreed to
585. by the member states under which there was a good bit of latitude
586. for each to determine its own policy. This is an unprecedented united
587. front by the members, and the paper will be a first for detailed export
588. controls issued by the Wassenaar org rather than by each nation.
589.  
590. When ready it will be put on the Wassenaar Web site:
591.  
592. http://www.wassenaar.org.
593.  
594. We've made a request to DoC for elaboration of the press release
595. yesterday which featured David Aarons' general claims, but no
596. response yet. The USG may not comment until the WA paper is
597. issued.
598.  
599. Caspar posted a capsule of his infor on UK Crypto:
600.  
601. From: "Caspar Bowden" <[email protected]>
602. To: <[email protected]>
603. Subject: News from Wassenaar Secretariat
604. Date: Fri, 4 Dec 1998 16:23:58 -0000
605. Message-ID: <000101be1fa2$9da127e0$dc77e4d4@cpsb>
606. MIME-Version: 1.0
607. Content-Type: text/plain;
608. charset="iso-8859-1"
609. Content-Transfer-Encoding: 7bit
610. X-Priority: 3 (Normal)
611. X-MSMail-Priority: Normal
612.  
613. Just talked to Dirk Weicke, Senior Adviser to Wassenaar Organisation.
614. (Tel:+43 1 516360)
615.  
616. No written details will be issued until next week, but gist is:
617.  
618. *) No alteration to question of whether Wassenaar covers intangible exports.
619. Up to signatory states to interpret and legislate.
620.  
621. *) mass-market software, symmetric key length limited to 56-bits
622.  
623. *) software generally available, but with other restrictive tests on
624. end-user re-configurability, symmetric key length limited to 64-bits
625.  
626. *) Assymetric key lengths (not sure how relates to above) limited to:
627.  
628. RSA & Digital logarithm: 512 bits
629. Elliptic curve : 112 bits
630.  
631.  
632. --
633. Caspar Bowden http://www.fipr.org
634. Director, Foundation for Information Policy Research
635. Tel: +44(0)171 354 2333 Fax: +44(0)171 827 6534
636.  
637. ----------
638.  
639. -----
640.  
641. From [email protected] Wed Dec 17 23:17:14 2003
642. From: John Young <[email protected]>
643. Date: Mon, 7 Dec 1998 23:57:14 +0800
644. To: [email protected]
645. Subject: Wassenaar News
646. Message-ID: <[email protected]>
647. MIME-Version: 1.0
648. Content-Type: text/plain
649.  
650.  
651.  
652. We spoke with Igor at the WA today to ask about the implementation
653. report Caspar Bowden said would be coming shortly. It seems that
654. Dirk Weicke, the person preparing it (whom Caspar queried),
655. is out sick and won't return to work until Thursday.
656.  
657. Another person working on the report, a Mr. Sidbitt (?) is also
658. out sick but should be back at work tomorrow.
659.  
660. At the moment there is no plan to offer the report on the WA
661. Web site. Each member will decide how to publicize it.
662.  
663. Igor, a friendly, reminded that the WA staff has no authority,
664. indeed has an evanescent existence, and is subject to vanishing
665. without explanation. The paranoid WA members, my words, cut
666. no slack, cut-throat control of perfidious news is their modus
667. operandi.
668.  
669. Still, Igor chuckled at my reporting that the perfidious USG will not
670. anwser my inquiries, being unable to trust its terrifying citizenry.
671. He refused my plea to send a purloined report, a report which,
672. on the evidence, appears to be quite sickening.
673.  
674. -----
675.  
676. From [email protected] Wed Dec 17 23:17:14 2003
677. From: John Young <[email protected]>
678. Date: Thu, 10 Dec 1998 00:37:51 +0800
679. To: [email protected]
680. Subject: Wassenaar/Crypto News
681. Message-ID: <[email protected]>
682. MIME-Version: 1.0
683. Content-Type: text/plain
684.  
685.  
686.  
687. A BXA spokesperson said today that the text of the recent
688. Wassenaar agreement had been received yesterday and it is
689. now being prepared for release on the BXA website
690. (www.bxa.doc.gov) maybe by the end of the week but maybe
691. not until next week. She said she expected the US to be the
692. first to publish the doc, after I cited the WA message below
693. from Caspar Bowden.
694.  
695. She also said that the Practising Law Institute (www.pli.edu)
696. session on encryption controls yesterday was taped and inquiries
697. should be made to PLI (a continuing legal ed org; )
698. 1-(800) 260-4PLI. And that Bill Reinsch did not participate in
699. the session, only gave the speech on Dec 7 noted here
700. yesterday:
701.  
702. http://jya.com/war120798-2.htm
703.  
704. An inquiry to PLI (Betty Gray) has not been returned.
705.  
706. >From UK Crypto:
707.  
708. From: "Caspar Bowden" <[email protected]>
709. To: "Ukcrypto (E-mail)" <[email protected]>
710. Subject: More from Wassenaar Secretariat
711. Date: Wed, 9 Dec 1998 09:19:09 -0000
712. Message-ID: <000401be2355$07529ec0$dc77e4d4@cpsb>
713. MIME-Version: 1.0
714. Content-Type: text/plain;
715. charset="iso-8859-1"
716. Content-Transfer-Encoding: 7bit
717. X-Priority: 3 (Normal)
718. X-MSMail-Priority: Normal
719.  
720. -----Original Message-----
721. From: Wassenaar Secretariat [mailto:[email protected]]
722. Sent: Tuesday, December 08, 1998 16:54
723. To: Caspar Bowden
724. Subject: Re: Attn: Dirk Weicke
725.  
726. Mr. Weicke is still away, however, I can assure you that the Secretariat has
727. been recently authorized by all member states to publish the new Lists on
728. the web site. This will be done as soon as possible. Please be patient, we
729. are a very small Secretariat.
730.  
731. Glenn Sibbitt
732. Special Advisor
733. WA Secretariat
734.  
735. Caspar Bowden wrote:
736.  
737. > Dear Mr.Weicke,
738. >
739. > We spoke by telephone on Fri afternoon.
740. >
741. > You mentioned that the text and details of the new agreement would be
742. > published on the Wassenaar website this week.
743. >
744. > I understand that you have been away sick for a few days (my
745. > commiserations), but there have been reports from your colleagues
746. > that there will in fact be no publication on your Website.
747. >
748. > I'd be most grateful if you could just confirm when publication of
749. > details will take place, in particular the "Cryptography Note" detailing
750. > key-length limits, and definitions of categories.
751. >
752. > Kind regards
753. > --
754. > Caspar Bowden http://www.fipr.org
755. > Director, Foundation for Information Policy Research
756. > Tel: +44(0)171 354 2333 Fax: +44(0)171 827 6534
757.  
758. -----
759. http://cryptome.org/2015/07/caspar-bowden-cpunks-1996-98.txt