Gresham's Law?

John S. Denker jsd at av8n.com
Thu Nov 20 22:04:52 EST 2003


On 11/19/2003 07:51 PM, Jon Callas wrote:
> 
> This is indeed the only case I know of where government has given 
> protection and preference to inferior systems over superior ones.

It's not hard to discover other cases.

At the philosophical level, one could argue that
protecting the weak is one of the most fundamental
raisons d'etre for a government.

If you don't like the effects of Gresham's law,
replacing it with the law of the jungle isn't
really an improvement.  Practicality lies in
the vast gray area in the middle.

As a specific example, consider the legal status
of the lock on my door.  Any burglar with even
rudimentary skills could pick the lock.  One with
even less skill could break the fancy glass
beside the door.  More-secure locks and more-secure
doors are readily available.  Yet the law takes
notice of the lock.  If I don't have a door, if
you waltz in it might be trespass or it might be
no offence at all.  But if you pick or smash your
way past a locked door, without permission or
some very special reason, it's likely to be
felony breaking and entering.

Maybe you think that the B&E laws should only
apply to state-of-the-art high security vaults.
I don't.  I think the existing lock performs a
useful symbolic role:  it puts you on notice
that you don't belong there.  You can't get
past it by accident.  The law takes over from
there.

 > ..... in my talks and testimony about the DMCA.
 > I referred to Gresham's Law as it applies to security. I also have
 > called the DMCA "The Snake-Oil Protection Act."

A friend of mine once told me:  Never support a
strong argument with a weak one.

There exist strong arguments why DMCA is a bad
law.  Boldly asserting that the government has
never heretofore built laws around imperfect
technology is not going to impress any lawmakers.

Also, if you're going to argue against something,
it pays to know where the other side is coming
from.  In the areas where cypto works well, it
works so extraordinarily well that bad systems
can, over time, be drowned in their own snake-oil
and forgotten.  If protecting substandard crypto
were the only issue, I doubt anybody would have
gone to the trouble of passing a law.

The point of the law is elsewhere:  the proponents
are worried about what happens in the thousand and
one cases where strong crypto doesn't solve the
problem.

To repeat:  If you want to make an argument against
the other side, it's a bad strategy to start by
misjuding what they're arguing for.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list