[278] in cryptography@c2.net mail archive
GAK in domestic crypto products
daemon@ATHENA.MIT.EDU (Lyle Seaman)
Fri Feb 21 15:57:35 1997
Date: Fri, 21 Feb 1997 15:24:25 -0500
To: lws@transarc.com
From: Lyle Seaman <lws@ms.com>
Cc: cryptography@c2.net
According to Peter Trei:
>incentive. The rules also require that if either end
>of a transmission uses a GAK'd product, then both
>sides of the transmission must be tappable. This
>makes it difficult for GAK'd and non-GAK'd products to
>interoperate, and is a wedge to force GAK'd products
>into even purely domestic communications.
I think that all this is saying is that if a domestic entity (person,
server, whatever) is communicating with a foreign entity (person, client,
whatever), then the keys which are obtained must be able to decrypt data
flowing in each direction.
I don't see how it makes it terribly difficult to interoperate. You
implement two protocols -- a GAK protocol and a non-GAK protocol. The
software prefers the non-GAK protocol if it is available. You ship only the
GAK protocol to foreign customers, and both to domestic customers.
I suppose this is a wedge -- lazy companies will choose to implement only
the one, but the second (non-GAK) protocol should be almost trivial to
implement -- having already done the first.
