From owner-freebsd-hackers  Sat Sep  6 09:09:04 1997
Return-Path: <owner-freebsd-hackers>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id JAA19813
          for hackers-outgoing; Sat, 6 Sep 1997 09:09:04 -0700 (PDT)
Received: from gate.lustig.com (lustig.com [204.97.12.35])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id JAA19802
          for <hackers@freebsd.org>; Sat, 6 Sep 1997 09:08:52 -0700 (PDT)
Received: from Lustig.COM (devious.lustig.com [192.168.1.3])
	by gate.lustig.com (8.8.7/8.8.7) with ESMTP id JAA08878
	for <hackers@freebsd.org>; Sat, 6 Sep 1997 09:08:43 -0700 (PDT)
Received: (from barry@localhost) by Lustig.COM (8.7.5/8.7.3) id MAA19394 for hackers@freebsd.org; Sat, 6 Sep 1997 12:11:59 -0400 (EDT)
Message-Id: <199709061611.MAA19394@Lustig.COM>
MIME-Version: 1.0 (NeXT Mail 4.2mach v148)
Content-Type: text/enriched; charset=iso-8859-1
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
X-Nextstep-Mailer: Mail 4.2mach (Enhance 2.0b6)
Received: by NeXT.Mailer (1.148.RR)
From: Barry Lustig <barry@Lustig.COM>
Date: Sat,  6 Sep 97 12:11:55 -0400
To: hackers@freebsd.org
Subject: Key escrow
Reply-To: barry@Lustig.COM
X-Organizations: Barry Lustig & Associates
Sender: owner-freebsd-hackers@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

Looks like it's back...


Begin forwarded message:



Declan McCullagh wrote:

>=20

> ---------- Forwarded message ----------

> Date: Fri, 5 Sep 1997 19:34:51 -0700 (PDT)

> From: Declan McCullagh <<declan@well.com>

> To: cypherpunks@toad.com

> Subject: Mandatory key escrow bill text, backed by FBI

>=20

> All encryption products distributed in or imported into the U.S. after

> January 1, 1999 must have a key escrow backdoor for the government,

> according to an FBI-backed proposal circulating on Capitol Hill. The

> measure would impose a similar requirement on "public network service

> providers" that offer data-scrambling services. FBI Director Louis Freeh

> talked about this proposal, without disclosing legislation existed, at a

> Senate subcommittee haring on Wednesday.

>=20

> Domestic use and sale of encryption has never been regulated.

>=20

> Attached is an excerpt from the draft "Secure Public Networks Act" dated

> August 28.

>=20

> -Declan

>=20

> -------

>=20

>         SEC. 105. PUBLIC ENCRYPTION PRODUCTS AND SERVICES

>=20

>         (a) As of January 1, 1999, public network service

>         providers offering encryption products or encryption

>         services shall ensure that such products or services

>         enable the immediate decryption of communications or

>         electronic information encrypted by such products or

>         services on the public network, upon receipt of a court

>         order, warrant, or certification, pursuant to section

>         106, without the knowledge or cooperation of the person

>         using such encryption products or services.

>=20

>         (b) As of January 1, 1999, it shall be unlawful for any

>         person to manufacture for sale or distribution within

>         the U.S., distribute within the U.S., sell within the

>         U.S., or import into the U.S., any product that can be

>         used to encrypt communications or electronic

>         information, unless that product:

>=20

>          (1) includes features, such as key recovery, trusted

>          third party compatibility or other means, that

>=20

>           (A) permit immediate decryption upon receipt of

>           decryption information by an authorized party without

>           the knowledge or cooperation of the person using such

>           encryption product; and

>=20

>           (B) is either enabled at the time of manufacture,

>           distribution, sale, or import, or may be enabled by the

>           purchase or end user; or

>=20

>          (2) can be used only on systems or networks that include

>          features, such as key recovery, trusted third party

>          compatibility or other means, that permit immediate

>          decryption by an authorized party without the knowledge

>          or cooperation of the person using such encryption

>          product.

>=20

>         (c) (1) Within 180 days of the enactment of this Act,

>         the Attorney General shall publish in the Federal

>         Register functional criteria for complying with the

>         decryption requirements set forth in this section.

>=20

>         (2) Within 180 days of the enactment of this Act, the

>         Attorney General shall promulgate procedures by which

>         data network service providers sand encryption product

>         manufacturers, sellers, re-sellers, distributors, and

>         importers may obtain advisory opinions as to whether a

>         decryption method will meet the requirements of this

>         section.

>=20

>         (3) Nothing in this Act or any other law shall be

>         construed as requiring the implementation of any

>         particular decryption method in order to satisfy the

>         requirements of paragrpahs (a) or (b) of this section.

>=20

> -------

>=20

> MSNBC's Brock Meeks on above FBI proposal & White House support:

>   `http://www.msnbc.com/news/108020.asp

>=20

> My report on the September 3 "mandatory key escrow" Senate hearing:

>   `http://jya.com/declan6.htm

>=20

> Transcript of FBI director Louis Freeh's remarks at Sep 3 hearing:

>   `http://jya.com/fbi-gak.txt

>=20

> Reuters' Aaron Pressman on Commerce Dept backing away from FBI:

>   `http://www.pathfinder.com/net/latest/RB/1997Sep05/248.html

>=20

> -------