At Tue, 15 Aug 2006 21:17:34 +0200, Marcus wrote: > > The > > same holds for the DRM-like applications: We develop applications that > > allow > > the enforcement of security policies in a distributed environment, but > > which > > consider user rights and the law (keywords: multilateral security, fair > > use). > > My questions: What other user rights do you consider beside fair use? > How do you express complete fair use guarantees (properties) in a > property-based security infrastructure? How do you express other > guarantees and rights in a property-based security infrastructure?
Let me give you a specific example of what I am thinking about. In 1969, Daniel Ellsberg, working at the RAND corporation, and his former colleague, Tony Russo, copied 7,000 pages of top-secret documents titled "United States-Vietnam Relations, 1945-1967: A Study Prepared by the Department of Defense", which documented the illegality of the Vietnam war. He then released these papers to members of the Senate, who refused to make them public, and later, in 1971, to the New York times, which published excerpts. Daniel Ellsberg, as well as the New York Times, were prosecuted by the authorities. However, the authorities behaved in gross misconduct, and all charges were dropped. The injunctions against the New York Times were also rejected. Although there was no judificial confirmation of the legality of the actions by Ellsberg and the New York Times (both got off on a technicality), there is a broad consens among the public that these actions were not only legal, but that it is a moral responsibility to act in the manner they did. The release of the Pentagon papers eroded public support for an illegal war and helped to accelerate its end. Now, this is exactly the kind of documents that the government would want to see managed by DRM technology. Note that in this example, a "trusted third party" under the control of the government would not give the public access to these documents. So, the question is: Which properties should the "trusted third party" attest to secure the rights of the people to leak classified government documents that document grave crimes to humanity? How are such properties expressed in a security model? In other words: How can a computer be instructed to allow the Daniel Ellsberg of 2019 to make copies of such documents, and the New York times to publish them? Thanks, Marcus _______________________________________________ L4-hurd mailing list [email protected] http://lists.gnu.org/mailman/listinfo/l4-hurd
