-----BEGIN PGP SIGNED MESSAGE-----
Aside from noting the vicious hypocrisy of the Clinton administration
saying they support the 11th Ammendment, I've also decided that the bill
mentioned in the New York Times Story excerpted below, like most current
state digital signature legislation, could more properly be called the
"Lie on an X.509 'Certificate' and Go to Jail Act of 1999".
"Crypto in a crime", indeed.
The solution to this madness, is, of course, bearer credentials, as
Stephan Brands points out in his recently published doctoral dissertation
"Rethinking Public Key Infrastructures and Digital Certificates --
Building in Privacy", now published by Ponsen and Looijen in the
Netherlands, ISBN 90-901-3059-4.
The resulting book is in very well-written English, it's about 300 pages,
and, in it, Brands, the best of his generation of financial
cryptographers, completely demolishes, all the way down to the level of
cryptographic protocol, most of the received wisdom about "certification"
- -- and the current cult-like mystification of identity which underlies
it.
Even better, Stefan unveils a whole class of bearer-credential
cryptographic protocols which get the job done with infinitely more
privacy. More important, I'm personally convinced that Brands' bearer
credentials are significantly lower in cost than current book-entry
methods of "certification", especially after the costs of repudiation and
enforcement are taken into account.
However, given my current business, my biases on this subject are rather
plain here, so don't take my word for it: get the book and see for
yourself.
Stefan's thesis committee was Ron Rivest, Adi Shamir (yes, the R and S in
RSA), and Claus Schnorr (yes, *that* Claus Schnorr). Three men who could
be easily said to be the fathers of digital "certification", if its
patrimony was ever in dispute.
I would highly recommend that *everyone* who's serious in the study of
digital commerce -- and I mean legal professionals in particular -- order
this book immediately and go read it.
It goes without saying that anyone who calls himself a financial
cryptographer, much less a cryptographic or digital commerce software
engineer, should have this book in his library as well.
Cheers,
RAH
- --- begin forwarded text
Date: Tue, 19 Oct 1999 08:20:23 +0200 (CEST)
From: Anonymous <[EMAIL PROTECTED]>
Comments: This message did not originate from the Sender address above.
It was remailed automatically by anonymizing remailer software.
Please report problems or inappropriate use to the
remailer administrator at <[EMAIL PROTECTED]>.
Old-Subject: NYT Story: Digital Contracts
To: [EMAIL PROTECTED]
Subject: NYT Story: Digital Contracts
Sender: [EMAIL PROTECTED]
Reply-To: Anonymous <[EMAIL PROTECTED]>
Fight Over Electronic Contracts Heads to House
Also: U.S. Shut Out in First Round of Internet Board Elections
ASHINGTON -- With the clock ticking toward adjournment for the year,
Congressional leaders and the Clinton Administration are working to
eliminate political infighting and pass legislation that would give
electronic contracts the same legal weight as their traditional paper
counterparts.
The legislation is considered crucial for the future of electronic
commerce, and it is part of an effort by the Commerce Department both
domestically and internationally to make the standards for such
contracts, with their "digital signatures," as simple as possible.
But Republicans and Democrats in the House are still battling over how
far the legislation should go, a fight that could play out on the House
floor this week.
The House is scheduled to take up digital signature legislation as early
as Tuesday, but first leaders must decide how to proceed. At issue are
states rights, and whether individual states should have the power to
make their own rules for recognizing digital signatures.
The White House and most Democrats are pushing for a bill that would make
digital signatures legal only in those states that don't already have
laws recognizing the validity of electronic contracts.
But Republican leaders in the House have been pushing for more sweeping
legislation that would not only pre-empt state digital signature laws but
would also eliminate some of the paper-record keeping and notification
requirements that some states impose on financial institutions and
insurance companies.
The House Judiciary Committee last week narrowly approved a version of
the bill backed by Democrats that would recognize current state laws on
both electronic signatures and record-keeping. The bill is similar to a
White House-endorsed Senate proposal by Senator Spencer Abraham, a
Michigan Republican, that is awaiting passage in that chamber.
The House Commerce Committee, meanwhile, in August approved a bill by
Chairman Thomas J. Bliley Jr., a Virginia Republican, that would
establish a uniform national standard for authenticating electronic
signatures, and require that states pass laws based on the national
model.
The Clinton Administration strongly opposes what it calls unnecessary
preemption of state laws.
<remainder snipped while laughing bitterly at that last sentence>
- --- end forwarded text
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.1 for non-commercial use <http://www.pgp.com>
iQEVAwUBOAyBIcUCGwxmWcHhAQHIhAf/aU8MQcgDqLkaBc5EZkcl1UpBs1JNxCLt
NFcBXaFeyQxYP7874sMbOr/Ec5jmvMdr2CnZFNd24FwQsx+Cs04D/BLezbXoIDsS
n1Ue7TXFOxqh0Jx+ED4gLQcXcK9Tc+J463vt9sK7ur9GQbHR4e+QylsbbjzZe8MA
lCFRgJjY0B2AvcI2bpHWG8ZdJ6oK3ZdLJp1cSv9yAcIKOTV2mEtyeRk75NdWqPAb
K241ex4f4iDtUpbZ35lCMOQx4KwnwaMmlQUHCSr3M3f1n+ohA2Cukr/mt3cIfymM
i/YVVDFGll80HNx8GdVPBMIVLmglr13ciBpkYDryrxQ+/HauspmYQg==
=7yeU
-----END PGP SIGNATURE-----
-----------------
Robert A. Hettinga <mailto: [EMAIL PROTECTED]>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"The enumeration in the Constitution, of certain rights, shall not be
construed to deny or disparage others retained by the people."
-- US Constitution, 11th Ammendment
