[Cryptography] Security clearances and FOSS encryption?
Tom Mitchell
mitch at niftyegg.com
Fri Jul 4 18:34:26 EDT 2014
On Thu, Jul 3, 2014 at 8:47 AM, Bill Cox <waywardgeek at gmail.com> wrote:
> I am working on the CipherShed open-source fork of TrueCrypt. I believe
> one of our contributors has a US security clearance of some sort. I have
> no problem with this, but:
>
> Do US security clearances in any way restrict a person's involvement in
> FOSS encryption projects like CipherShed?
>
Thinking back 40 years, not necessarily.
Clearly he cannot divulge classified information......
What we cannot know is what the individual knows that is classified.
Ask him if TrueCrypt is a conflict and also if he has approval from his
security officer and manager.
You might request him to get written approval... you may never see the
document (un redacted)
but at one level attempting to make sure this person crosses T's and dots
I' is a start.
N.B that a classified document requiring a clearance can be as mundane as
an invoice for toilet paper. i.e. we have
no clue what is involved here -- the individual knows more so ask if he is
free to participate and if he has notified his "management".
--
T o m M i t c h e l l
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140704/636d5217/attachment.html>
More information about the cryptography
mailing list