How to ban crypto?

Eric Rescorla ekr at rtfm.com
Sun Sep 16 23:03:53 EDT 2001 

Matt Blaze <mab at research.att.com> writes:
> If anything, the key escrow problem has become much harder.  Today,
> far more than three years ago, encryption is central to protecting
> many aspects of what we call "critical infrastructure", and, although I've
> not systematically studied this recently, I suspect it would be far more
> difficult to protect many of these applications with a requirement for
> key escrow.
Even leaving aside the issue of critical infrastructure, the situation
is dramatically different than it was in 97-98 in one very important
sense: installed base. Pretty much anyone who downloaded a browser
since the big liberalization in 1998 now has strong crypto, at least
for HTTPS and quite possibly for e-mail as well. Even if we assume
that users are willing to change their browsers--a big if--
transitioning them is a nightmare.

In the best case scenario, the user is running the absolute most
modern version of the browser and so you just need to replace it with
a crippled version that is otherwise the same. This sort of software
changeover doesn't break things that often but with many tens
(hundreds?) of millions of users we're going to see a lot of broken
installations anyway.

Moreover, the best case isn't that common. Many people are running
downrev software and will have to upgrade (downgrade?) to the 
newest crippled version. This sort of upgrade causes a lot of
breakage. In the worst shape will be users who are using operating
systems for which new browsers are no longer available. For instance,
you don't seem to be able to get IE 5 for Windows 3.1 at all and
I don't seem to be able to get IE 6 for Win95. Do we expect Microsoft
to release new versions of IE 5.5 with GAK? IE 4?

I don't see how a switch like this could be made to work in practice
even if the users wanted it. Since a substantial number won't want
to--or may not even know how--I don't see how it can be done at
all.

-Ekr

[Eric Rescorla                                   ekr at rtfm.com]
                http://www.rtfm.com/



---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com

More information about the cryptography mailing list