[1562] in cryptography@c2.net mail archive
Re: Nyah, Nyah, I've Got A Secret
daemon@ATHENA.MIT.EDU (Declan McCullagh)
Mon Sep 22 14:14:18 1997
Date: Mon, 22 Sep 1997 00:47:12 -0400
To: cryptography@c2.net, unicorn@schloss.li
From: Declan McCullagh <declan@well.com>
Uni writes, quoting me:
>>If the government bans the sale of encryption products without a key escrow
>>backdoor, the total cost to government and industry may be as low as $200
>>million. Certainly not more than one or two billion. That according to the
>>Congressional Budget Office in a new study that puts a price tag on the
>>mandatory GAK SAFE bill that House Intelligence approved.
>
>My understanding is that the scope of that price is limited to the cost of
>implementing export controls and product specifications, not the cost to
>industry of implementing the plan, or the cost of government to administer
>the management of all the keys, key applications, key change notifications,
>key filings...
Nope. The CBO analysis I got a copy of and wrote about is based on the
total "costs of complying with the requirements" of the mandatory GAK
version of SAFE. Again, read this week's Time. You may be thinking of CBO
cost estimates released in May and July that focused on previous versions
of SAFE that only dealt with exports. This estimate deals with the costs of
operating GAK systems and predicts that some products may drop crypto and
users may abandon its use if mandatory GAK becomes law.
>The security review for a small CA is in the half million dollar range. I
>can only imagine what a government facility might run.
The CBO relied on NSA estimates for the upper bound.
-Declan
-------------------------
Declan McCullagh
Washington Correspondent, The Netly News Network, http://netlynews.com/
Reporter, Time Magazine, http://time.com/
