Re: Cisco introduces "Router Escrow"

Mark Tillotson (markt@harlequin.co.uk)
Tue, 14 Jul 1998 13:23:01 +0100

• Next message: Tom Otvos: "Re: Mersenne Twister - Why a PRNG isn't a OTP"
• Previous message: wcts@globalvisionexpo.com: "Your literature on our world tour"

| Cisco et. al. is once again trying to compromise user security in the name
| of gaining foreign markets:
|
| http://www.cisco.com/warp/public/146/july98/3.html
|
| Kathleen M. Ellis Admin. Asst., Electronic Privacy Information Center
| Voice Mail: (202)298-0833 http://www.epic.org
|

There's a poorly written whitepaper there, which pushed
my bullshit detector offscale...

"In order to meet market requirements, networking encryption products
must: (1) provide strong security, (2) adhere to open standards, and
(3) support an operator-controlled management mechanism to specify
               ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
encrypted flows."
^^^^^^^^^^^^^^^

The real security issues don't even seem to have crossed the authors
mind(s), nor the obvious fact that you can't justify this system on
the grounds that users are not keen on key-escrow, since this scheme
is in many ways significantly less secure (and definitely more open to
abuse and incompetence).

What amused me was that there is a random heading in the press
release, "critical differences from key escrow", which has absolutely
no relevant comments below it.

__Mark
[ markt@harlequin.co.uk | http://www.harlequin.co.uk/ | +44(0)1954 785433 ]
[ personal homepage http://utter.chaos.org.uk/~markt/ | fax " " 785444 ]

• Next message: Tom Otvos: "Re: Mersenne Twister - Why a PRNG isn't a OTP"
• Previous message: wcts@globalvisionexpo.com: "Your literature on our world tour"