From lists@notatla.demon.co.uk Wed, 1 Nov 2000 07:51:52 GMT Date: Wed, 1 Nov 2000 07:51:52 GMT From: lists@notatla.demon.co.uk lists@notatla.demon.co.uk Subject: How RIP-proof is SSL? From: Dave Bird > In message <39FEE5F1.869D6936@algroup.co.uk>, Ben Laurie > writes > >Actually, export SSL uses ephemeral RSA keys... > > "Export SSL?" export from where......?? Some of us are just ignorant > political campaigners with a limited knowledge of the practical > use of crtypto, and don't sit on all the working parties. >From the US - they've spent many years trying to reduce crypto uptake by limiting the export of software that includes it for easy use. > In message <80256989.0056EA22.00@d06mta07.portsmouth.uk.ibm.com>, > paulfordh@uk.ibm.com writes > >For the completeists - here are all the SSL/TLS ciphersuites I've found > >reference to (there are some new ones in drafts (notably the AES ones) but > >they tend to conflict at the moment.) > > That's nice but still doesn't define TLS.... http://www.ietf.org/rfc/rfc2246.txt 2246 The TLS Protocol Version 1.0. T. Dierks, C. Allen. January 1999. 2487 SMTP Service Extension for Secure SMTP over TLS. P. Hoffman. 2595 Using TLS with IMAP, POP3 and ACAP. C. Newman. June 1999. 2716 PPP EAP TLS Authentication Protocol. B. Aboba, D. Simon. October 2817 Upgrading to TLS Within HTTP/1.1. R. Khare, S. Lawrence. May 2818 HTTP Over TLS. E. Rescorla. May 2000. (Format: TXT=15170 bytes) > They need only advertise a logo that "WARNING, any server in > Britain or other authoritarian countries without this feature > can secretly yield up your credit-card number and all > transactions to the authorities. Use backward-secure SSL!" If you're giving your credit card details to somebody you're giving your credit card details to somebody. Exactly how it reaches them is irrelevant to whether they can later pass it on. > In message <20001031155911.A11024@cdc.informatik.tu-darmstadt.de>, Bodo > Moeller writes > >The typical SSL web*server* today comes with Diffie-Hellman enabled > >(Apache with mod_ssl), but the browsers by Microsoft, Netscape and > >Opera Software unfortunately don't implement the ciphersuites > >involving DH. Lynx-SSL does support DH, but it does not check server > >certificates, so you entirely rely on the DNS for server > >authentication. I'd guess that using SafePassage or a similar SSL > >proxy (which runs on the same machine as the browser and works as a > >"man in the middle" by re-encrypting all data between the client and > >the server) makes it possible to use DH with standard browsers. > > Can it be done as plug-ins, add-ons, or whatever? > or does it really have to be via a LocalHost / LocalProxy ?? > though I suppose such a thing is not impossible to write.... SafePassage has been around for several years (since at least 1996) from Sameer and his C2net organisation (recently bought by Red Hat). Quoting Adam Back on codepunks 18Jan1999: : The other approach is the pipe / TCP/IP socket. If the clients can be : configured to select server host name and port number, you can : integrate crypto using a local proxy. : : A few examples of this are: : : Ian Brown's Enigma http://www.cs.ucl.ac.uk/staff/I.Brown/ : Ben "Quincy" Cabell's ByProxy http://www.besiex.org : C2Net's SafePassage http://www.c2.net > In message <69DB54A9E557D411865000508BA704BAB11752@MAIL2>, Owen Blacker > writes > >As an aside, IIRC, you don't have a 40 bit (or 56 bit) session key > >ever, but you might have (respectively) 88 or 72 bits of the 128 bit > >key provided in the clear in headers. I don't recall whether it's > > Oh, groan; and is there any way round THIS one :-? Of the many ciphersuites just listed here in other posts only some do this deliberate key leaking. Test at ... can't find an URL right now but there are some that tell you whether you got 128-bits. From alan.hassey@btinternet.com Wed, 1 Nov 2000 08:00:50 -0000 Date: Wed, 1 Nov 2000 08:00:50 -0000 From: Dr Alan Hassey alan.hassey@btinternet.com Subject: Clifford Cocks interview I think it's repeated Wed or Thurs isn't it??? === Dr Alan Hassey (mailto:alan.hassey@btinternet.com) RCGP Health Informatics Group Joint Computing Group (GPC - RCGP) -----Original Message----- From: ukcrypto-admin@chiark.greenend.org.uk [mailto:ukcrypto-admin@chiark.greenend.org.uk]On Behalf Of Duncan Campbell Sent: 31 October 2000 11:26 To: ukcrypto@chiark.greenend.org.uk Subject: Clifford Cocks interview Did anyone watch Channel 4's Science of Secrecy interview with Cliff Cocks on Sunday? Bad weather stopped me getting back to see it. Was it good, bad or indifferent? Has anyone got a copy that they would be willing to lend or have copied (reply privately to this one please). Duncan Campbell From DHowe@Hawkswing.demon.co.uk Wed, 1 Nov 2000 09:24:20 -0000 Date: Wed, 1 Nov 2000 09:24:20 -0000 From: David Howe DHowe@Hawkswing.demon.co.uk Subject: GPL in the UK "Benjamin Geer" wrote: > On the question of whether the UK government could reassign copyright > for GPLed software in case of bankruptcy, the FSF had this to say: > > The GPL is an irrevocable license. That means that the government > > would not be able to revoke the rights given by the GPL to those who > > already received a copy under the terms of the GPL. They would only > > be allowed to to change the license for new licensees who receive a > > copy from them. I would dispute that - what is an ironclad agreement under US law (and in particular, under the juristiction of the FSF) does not apply worldwide. The Inland Revenue have a past history of pulling some pretty dubious stunts to get their VAT owed, and getting away with it. The US law is much more biassed in Corporate rights Vs Government (and indeed, anyone else's) rights... Out of interest, which is going to come first - the US letting Micky Mouse go out of copyright or the rest of the world ignoring the US extensions? From nbohm@ernest.net Wed, 01 Nov 2000 10:19:09 +0000 Date: Wed, 01 Nov 2000 10:19:09 +0000 From: Nicholas Bohm nbohm@ernest.net Subject: RIP questions At 09:27 PM 10/31/2000 +0000, Ben Clifford wrote: [snip] >If I somehow use somebody's signature key to encrypt information to them, >this then seems to require that they have to give up their key, even if >they intended for it to be used only for signatures? Only if they use their private key to decrypt it. Regards, Nicholas Bohm Salkyns, Great Canfield, Takeley, Bishop's Stortford CM22 6SX, UK Phone 01279 871272 (+44 1279 871272) Fax 01279 870215 (+44 1279 870215) Mobile 07715 419728 (+44 7715 419728) PGP RSA 1024 bit public key ID: 0x08340015. Fingerprint: 9E 15 FB 2A 54 96 24 37 98 A2 E0 D1 34 13 48 07 PGP DSS/DH 1024/3072 public key ID: 0x899DD7FF. Fingerprint: 5248 1320 B42E 84FC 1E8B A9E6 0912 AE66 899D D7FF From chl@clw.cs.man.ac.uk Wed, 1 Nov 2000 10:24:50 +0000 (GMT) Date: Wed, 1 Nov 2000 10:24:50 +0000 (GMT) From: Charles Lindsey chl@clw.cs.man.ac.uk Subject: How RIP-proof is SSL? On Tue, 31 Oct 2000 20:21:43 +0000 Dave Bird said... > OK why not have a long-term signing key, but change the public > encrypt key every minute or every message. Because it is computat- > ionally intensive to provide that many public keys I suppose. Yes, that's about it. For D-H, the server just has to generate one 128 bit random number. For an RSA key, the server has to generate two 512 bit random numbers AND establish (to a high degree of probability) that they are both prime. So D-H seems to be the way to go. Someone said that servers now mostly support it, so we need to be leaning on the people who supply browsers to do so too. Charles H. Lindsey ---------At Home, doing my own thing------------------------ Email: chl@clw.cs.man.ac.uk Web: http://www.cs.man.ac.uk/~chl Voice/Fax: +44 161 437 4506 Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 From owen.blacker@pres.co.uk Wed, 1 Nov 2000 13:13:13 -0000 Date: Wed, 1 Nov 2000 13:13:13 -0000 From: Owen Blacker owen.blacker@pres.co.uk Subject: RIP questions -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Equally, at least with DSS/D-H keys in PGP 6.x and higher (and, IIRC, with the "new" RSA format used in PGP 7), you can delete the D-H encryption subkey, so that it cannot be used for encryption, just for signatures. OK, so you could probably hack about with it in order to encrypt using the DSS key if you really wanted to, but that'd plainly be misuse of a key intended only for signatures. See my signature key (0x00036874), for example... :o) O x - ----- Owen Blacker Senior Internet Developer and InfoSec Consultant, pres.co I now have new PGP keys -- qv http://www.owens-place.org.uk/pgp.html Sig 0x00036874 | d39f b776 fa20 c125 b0e2 aa6d 555e 4126 0003 6874 > -----Original Message----- > From: Nicholas Bohm [mailto:nbohm@ernest.net] > Sent: Wednesday, November 01, 2000 10:19 AM > To: ukcrypto@chiark.greenend.org.uk; > ukcrypto@chiark.greenend.org.uk Subject: Re: RIP questions > > > At 09:27 PM 10/31/2000 +0000, Ben Clifford wrote: > > [snip] > > >If I somehow use somebody's signature key to encrypt > information to them, > >this then seems to require that they have to give up their > key, even if > >they intended for it to be used only for signatures? > > Only if they use their private key to decrypt it. > > Regards, > > Nicholas Bohm > > Salkyns, Great Canfield, > Takeley, Bishop's Stortford CM22 6SX, UK > > Phone 01279 871272 (+44 1279 871272) > Fax 01279 870215 (+44 1279 870215) > Mobile 07715 419728 (+44 7715 419728) > > PGP RSA 1024 bit public key ID: 0x08340015. Fingerprint: > 9E 15 FB 2A 54 96 24 37 98 A2 E0 D1 34 13 48 07 > PGP DSS/DH 1024/3072 public key ID: 0x899DD7FF. Fingerprint: > 5248 1320 B42E 84FC 1E8B A9E6 0912 AE66 899D D7FF > > > > > ____________________________________________________________________ > _ This message has been checked for all known viruses by UUNET > delivered > through the MessageLabs Virus Control Centre. For further > information visit > http://www.uk.uu.net/products/security/virus/ > -----BEGIN PGP SIGNATURE----- Version: PGP 7.0 Comment: Due to RIP, pls check for revocation before using this key! iQA/AwUBOgAXCFVeQSYAA2h0EQJ+3wCggtjnuNVz8H9MdgtE7/jq5PaEQbgAoK4N MTHf7uBXbaNgfiKRlFB7HgjZ =a/Vl -----END PGP SIGNATURE----- _____________________________________________________________________ This message has been checked for all known viruses by UUNET delivered through the MessageLabs Virus Control Centre. For further information visit http://www.uk.uu.net/products/security/virus/ From Pete.Chown@skygate.co.uk Wed, 1 Nov 2000 13:46:01 +0000 Date: Wed, 1 Nov 2000 13:46:01 +0000 From: Pete Chown Pete.Chown@skygate.co.uk Subject: How RIP-proof is SSL? Dave Bird wrote: > Heaven help us, could you specify what an "ephemeral" DH suite is -- > one which has a long-term and certified public DSS signing key, > but a different DH public encrypt key per minute or per message? The signing can be by DSS or RSA but that is a messy detail. Apart from that what you say is right. > What is the "TLS" working group? Well, SSL changed its name to TLS for its most recent revision. The TLS working group is the IETF body that considers improvements to the protocol. It has a home page at: http://www.ietf.org/html.charters/tls-charter.html but this is fairly uninteresting if you are not following the "nuts and bolts" of the protocol. > Can this stuff be put into share-ware, into browser plug-ins, > into at least software used by the wise?? Sure. OpenSSL supports it for example. A browser plug in would be a bit harder though -- most of the browsers keep the crypto functionality under quite tight control. > "Export SSL?" export from where......?? Some of us are just ignorant > political campaigners with a limited knowledge of the practical > use of crtypto, and don't sit on all the working parties. >From the US. The law has been changed now, but there are still some of the old "export" browsers around. More importantly the standards still support the export crippled crypto even if it is less and less used. > Oh, groan; and is there any way round [ the leakage of key bits ] :-? This is just the way the crippled browsers work. The 128-bit key ones really do have a 128-bit key. -- Pete From Q.G.Campbell@newcastle.ac.uk Wed, 1 Nov 2000 13:26:30 +0000 (GMT) Date: Wed, 1 Nov 2000 13:26:30 +0000 (GMT) From: Quentin Campbell Q.G.Campbell@newcastle.ac.uk Subject: How RIP-proof is SSL? On Mon, 30 Oct 2000, Charles Lindsey wrote: [snip] > Bob has a private RSA key, and exhibits a certificate containing its > public counterpart and signed by Verisign. In the simplest scenarios, > this is both a signature and verification key. He sends a message, > incorporating that certificate, to Alice, signed by this key, inviting > her to generate a session key. > > Alice (who trusts Verisign) verifies that the invitation and the [snip] You need to be able to trust *both* Verisign and the holder of the private (signing) key. It will be interesting to see to what extent trust in these certificates will be undermined by, for example, the recent revocation by Sun Microsystems of two certificates used by Netscape and IE. Their announcemnt was very terse and gave no explantion as to how the secret keys may have been compromised. Quentin -- PHONE: +44 191 222 8209 Computing Service, University of Newcastle FAX: +44 191 222 8765 Newcastle upon Tyne, United Kingdom, NE1 7RU. ------------------------------------------------------------------------- "Any opinions expressed above are mine. The University can get its own." From I.Brown@cs.ucl.ac.uk Wed, 1 Nov 2000 16:41:15 -0000 Date: Wed, 1 Nov 2000 16:41:15 -0000 From: Ian Brown I.Brown@cs.ucl.ac.uk Subject: UK Big Brother Awards 2000 Folks -- ukcrypto members are invited to this year's BBAs (some might even win one!) -- please RSVP to Simon if interested. You can also nominate candidates to his e-mail address. Ian :0) -- PRIVACY INTERNATIONAL Takes mischievous pleasure in inviting you to attend the 3rd annual UK BIG BROTHER AWARDS To recognise the villains and heroes of privacy at 7.15 pm, Monday 4th December in the Old Theatre The London School of Economics Houghton Street London WC2A 2AE (Ground floor, Old Building) Reception at 6pm in the Senior Dining Room, 5th floor, Old Building Presented by Channel 4's Mark Thomas Hosted by the LSE Department of Information Systems Awards will be presented for: Worst public servant; Most invasive company; Most Appalling Project; Most Heinous Government Organisation; and Lifetime Menace. RSVP to Simon Davies : s.g.davies@lse.ac.uk Phone 07958 466 552 From peter.fairbrother@ntlworld.com Wed, 01 Nov 2000 16:00:00 +0000 Date: Wed, 01 Nov 2000 16:00:00 +0000 From: Peter Fairbrother peter.fairbrother@ntlworld.com Subject: How RIP-proof is SSL? A note about Diffie-Hellman : Alice and Bob want to make a key. First, Alice and Bob make some private parts (1). They're shy, so they conceal their private parts (2) and send these concealed parts to each other openly. When they each take their own private part and mix (3) it with the other's concealed private part they make a key. By the magic of Diffie-Hellman (4) both keys are the same! However, instead of cherishing this key they throw both it and their private parts away!(5) Peter (1) a random number - call Alice"s A and Bob's B (2) by taking a small number called g and multiplying g by itself the number they want to hide times, then dividing the result by a big number P and sending the remainder. This is written g^A MOD P. For optimum security g should be a generator for a large prime P - this means that each A in the formula gives a different answer, when A is less than P. g and P are not secret and can be reused - fortunate as it is quite hard to find a suitable combination. The rest of the maths is quite quick to do. (3) Alice does ((g^B) MOD P)^A MOD P , Bob does ((g^A) MOD P)^B MOD P. A is Alice's private part, (g^B) MOD P is the open part Bob sent, B is Bob's private part ,(g^A) MOD P is the open part Alice sent. (4)((g^B) MOD P)^A MOD P = (g^B)^A MOD P = (g^A)^B MOD P = ((g^A) MOD P)^B MOD P. Explaining why would take too long, but (g^B)^A = g^(B^A) = b^(A^B) = (g^A)^B , and the MOD P bit makes the numbers small enough to be useful, as well as making it hard to find a private part from it's open part. (5) Or they ought to if they want the key to be ephemeral. From peter.fairbrother@ntlworld.com Wed, 01 Nov 2000 16:20:22 +0000 Date: Wed, 01 Nov 2000 16:20:22 +0000 From: Peter Fairbrother peter.fairbrother@ntlworld.com Subject: Avoiding RIPA a) Online one-to-one communication. Fairly easy. Use signed Diffie-Hellman to establish a shared secret key and delete it immediately the session is over. It doesn't matter how the server handles it, the encryption is end-to-end. Unfortunately very few present security programs can do this. b)Offline one-to-one eg email. Tricky. Same as above but the server keeps signed D-H open key parts from the recipients and gives them to the sender on demand. Secure once the keys have been deleted eg the mail has been read. I know of no presently implemented protocols that can do this securely against RIPA. Unfortunately the private parts of the D_H keys must be stored somewhere until the message is read. c) Stored data, including keys. Very tricky. If it is on your computer then it is reasonable to assume you have keys. It's also capable of being used in evidence if plod seizes your computer (decoded interceptions aren't). I personally wouldn't trust deniable techniques where the raw data is open to plod. If it's stored elsewhere then it's harder for plod to know what is stored. You can use message obscurity and deniability to conceal the extent of the contents of an online database. You can use multiple encryption if you don't trust the server. Using ephemeral keys for the communications between user and server is not sufficient to protect against RIPA, whether or not you trust the server. I am fairly sure there are no present programs that can do this securely against RIPA. From chl@clw.cs.man.ac.uk Wed, 1 Nov 2000 13:52:14 +0000 (GMT) Date: Wed, 1 Nov 2000 13:52:14 +0000 (GMT) From: Charles Lindsey chl@clw.cs.man.ac.uk Subject: RIP questions On Tue, 31 Oct 2000 21:27:58 +0000 (/etc/localtime) Ben Clifford said... > > sorry if these have been asked before: > > How are contributions to costs worked out (eg sec 24, 52) - does it work > the same way as for existing interception warrants? Either way, how does > it work? "As the Secretary of State thinks fit". > > Can I disclose as a key an XOR "one-time pad" generated by my > XORing of the encrypted data and the plaintext? You could always try it on. But if Plod spots that the encrytped data started off with the standard PGP boilerplate, or that the "one-time-pad" started off with a long string of zeroes, then he could likely persuade a Court that you were "knowingly" trying to cheat. > > If I somehow use somebody's signature key to encrypt information to them, > this then seems to require that they have to give up their key, even if > they intended for it to be used only for signatures? Yes, that is one of the known possibilities. But they "wouldn't" prosecute you in that case, would they? Charles H. Lindsey ---------At Home, doing my own thing------------------------ Email: chl@clw.cs.man.ac.uk Web: http://www.cs.man.ac.uk/~chl Voice/Fax: +44 161 437 4506 Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 From peter.fairbrother@ntlworld.com Wed, 01 Nov 2000 17:17:28 +0000 Date: Wed, 01 Nov 2000 17:17:28 +0000 From: Peter Fairbrother peter.fairbrother@ntlworld.com Subject: RSA and RIPA First of all, there is no advantage in using RSA for anything except signatures in crypto designed for resistance to RIPA. Ephemeral keys are better handled by Diffie-Hellman, although they must of course be signed, perhaps by RSA. Long-term RSA keys are likely to be subject to orders to reveal them. The main advantage of RSA for message-sending, that only the private key holder can read the message, is removed by RIPA's ability to demand keys. Secondly, that very advantage devalues RSA's usefulness as a signature key scheme. The Act allows exemption from orders to reveal any key which: (a) is intended to be used for the purpose only of generating electronic signatures; and =A0 =A0 =20 (b) has not in fact been used for any other purpose. (s.49.9). As RSA public keys can be so easily used to encrypt messages, it is hard to prove that the private key has not ben used to decrypt them. Thi= s applies to all RSA keys, including Certificating Authority keys. In theory (which is not rigorous and which doesn't take into account the difficulty o= f actually using them to encrypt/decrypt messages) it may apply to all public signature key schemes. I tried to point this out when RIP was going through Parliament, but nobody was listening. Anybody know of a signature key scheme that can't be used to encrypt messages and which has no covert channels? That doesn't require the signee to be on-line?=20 Peter From peter.fairbrother@ntlworld.com Wed, 01 Nov 2000 18:36:29 +0000 Date: Wed, 01 Nov 2000 18:36:29 +0000 From: Peter Fairbrother peter.fairbrother@ntlworld.com Subject: MOOT - Now Hushmail on 31/10/00 9:34 pm, Nexus at nexus@patrol.i-way.co.uk wrote: > Hi folks, > I use Hushmail myself for those anonymous occaisons as the SMTP header > gives little away. Hushmail themselves are using (visible) an Apache > Server : > Server: Apache/1.3.12 (Unix) mod_ssl/2.6.6 OpenSSL/0.9.5a > *defers to Ben on this one ;-)* > The session appears to be 128 bit and, indeed, nothing is sent in clear > after the password has been entered, and that is sent as a hash. The http > headers for the initial exchange are : > STARTSESSION > { > ### big hash here ### > } > > HTTP/1.1 200 OK > Content-length: 121 > Connection: close > content-type: application/x-hush-service-responses > hush-publickeysize: 1024 > hush-hashalgorithm: SHA1 > hush-version: 1.2 > hush-publickeycipher: ElGamal > hush-symmetrickeysize: 128 > hush-symmetrickeycipher: Blowfish > > OK > { > ### and another hash ### > } > > Then it switches over to HTTPS. > The hashes above are session based, so an attacker on the local net with a > sniffer could potentially > replicate the session ID's and impersonate the legit user if they remain on > for long enough, but I'll need to test that > when I have the time. > > Cheers, > JJ > > > [snip] >>> On Sat, 28 Oct 2000 09:55:12 -0700 >>> Greg Broiles said... >>> >>>> Have you looked at ? That implements most of > [snip] > > ____________________________________________ > http://1cis.com > Free E-mail Servers with unlimited mailboxes > 1st Class Internet Solutions > > Does hushmail store plaintext on it's server? I'm not clear about this. From david@swarb.freeuk.com Wed, 1 Nov 2000 17:18:38 +0000 Date: Wed, 1 Nov 2000 17:18:38 +0000 From: David Swarbrick david@swarb.freeuk.com Subject: RIP questions In message <3.0.5.32.20001101101909.00b73b10@mail.netkonect.co.uk>, Nicholas Bohm writes >At 09:27 PM 10/31/2000 +0000, Ben Clifford wrote: > >[snip] > >>If I somehow use somebody's signature key to encrypt information to them, >>this then seems to require that they have to give up their key, even if >>they intended for it to be used only for signatures? > >Only if they use their private key to decrypt it. > I know that is the accepted interpretation, but I am not convinced. They are two numbers. They are chosen together, and are inextricably linked. There is a separation which takes place, as it were, after birth, but they only ever make sense when use together, and are incomplete unless used potentially in combination. They are in principle and often in practice reversible in use. The choice of one half rather than the other as public or private is arbitrary. They replace one key, but there is nothing in logic or use to say that one key may not be made up of two parts. It may well suit a judge to treat them as one key, and historical and ministerial protestations will not be of great significance. Do the codes of practice fix this in stone? -- David Swarbrick, Solicitor. Computer and Internet Law and Contracts david@swarb.freeuk.com T: +44(0)1484 722531 F: +44(0)1484 716617 Law-index of 11,400+ case summaries at www.swarb.co.uk From nbohm@ernest.net Wed, 01 Nov 2000 19:13:07 +0000 Date: Wed, 01 Nov 2000 19:13:07 +0000 From: Nicholas Bohm nbohm@ernest.net Subject: RSA and RIPA At 05:17 PM 11/1/2000 +0000, Peter Fairbrother wrote: >First of all, there is no advantage in using RSA for anything except >signatures in crypto designed for resistance to RIPA. Ephemeral keys are >better handled by Diffie-Hellman, although they must of course be signed, >perhaps by RSA. Long-term RSA keys are likely to be subject to orders to >reveal them. The main advantage of RSA for message-sending, that only the >private key holder can read the message, is removed by RIPA's ability to >demand keys. > >Secondly, that very advantage devalues RSA's usefulness as a signature key >scheme. The Act allows exemption from orders to reveal any key which: > >(a) is intended to be used for the purpose only of generating electronic >signatures; and >=A0 >=A0 =20 >(b) has not in fact been used for any other purpose. > >(s.49.9). As RSA public keys can be so easily used to encrypt messages, it >is hard to prove that the private key has not ben used to decrypt them.= This >applies to all RSA keys, including Certificating Authority keys.=20 The burden of proof is in principle the other way: Plod must prove it isn't a signature key. In practice (as Dave Swarbrick long ago pointed out) this is less comfort than is required. The reason is that the person facing the demand for the key has to decide then and there whether to refuse. Especially in a corporate environment, at that point he or she may have no way of being confident that nobody else has ever used the key to decrypt, and that Plod is bluffing (Plod need produce no evidence at this stage). So corporate signature keys are at risk in practice if Plod for some reason thinks they have been used to decrypt. Regards, Nicholas Bohm Salkyns, Great Canfield, Takeley, Bishop's Stortford CM22 6SX, UK Phone 01279 871272 (+44 1279 871272) Fax 01279 870215 (+44 1279 870215) Mobile 07715 419728 (+44 7715 419728) PGP RSA 1024 bit public key ID: 0x08340015. Fingerprint: 9E 15 FB 2A 54 96 24 37 98 A2 E0 D1 34 13 48 07 PGP DSS/DH 1024/3072 public key ID: 0x899DD7FF. Fingerprint: 5248 1320 B42E 84FC 1E8B A9E6 0912 AE66 899D D7FF From peter.fairbrother@ntlworld.com Wed, 01 Nov 2000 18:26:45 +0000 Date: Wed, 01 Nov 2000 18:26:45 +0000 From: Peter Fairbrother peter.fairbrother@ntlworld.com Subject: How RIP-proof is SSL?etc. + corrected typo - sorry! A note about Diffie-Hellman : Alice and Bob want to make a key. First, Alice and Bob make some private parts (1). They're shy, so they conceal their private parts (2) and send these concealed parts to each other openly. When they each take their own private part and mix (3) it with the other's concealed private part they make a number. By the magic of Diffie-Hellman (4) both numbers are the same! This is the key. However, instead of cherishing this key they throw both it and their private parts away!(5) Peter (1) a random number - call Alice"s A and Bob's B (2) by taking a small number called g and multiplying g by itself the number they want to hide times, then dividing the result by a big number P and sending the remainder. In Alice's case this is written g^A MOD P. The ^ means that they multiply the number before it by itself the number after it times. The MOD P bit means they divide it by P and throw away the result except for the remainder. For optimum security g should be a generator for a large prime P - this means that each A in the formula gives a different answer, when A is less than P. g and P are not secret and can be reused - fortunate as it is quite hard to find a suitable combination. The rest of the maths is quite quick to do.* (3) Alice does ((g^B) MOD P)^A MOD P , Bob does ((g^A) MOD P)^B MOD P. A is Alice's private part, (g^B) MOD P is the open part Bob sent, B is Bob's private part ,(g^A) MOD P is the open part Alice sent.** (4)((g^B) MOD P)^A MOD P = (g^B)^A MOD P = (g^A)^B MOD P = ((g^A) MOD P)^B MOD P. Explaining why would take too long, but (g^B)^A = g^(B^A) = g^(A^B) = (g^A)^B , and the MOD P bit makes the numbers small enough to be useful***, as well as making it hard to find a private part from it's open part. (5) Or they ought to if they want the key to be ephemeral. *on average n multiplications and n reductions MOD P where n is the number of bits in the key. Max 2n of each. **the same as * *** there isn't enough storage in the universe to store g^(B^A) as a binary number if A and B are 128-bit numbers. From DHowe@Hawkswing.demon.co.uk Wed, 1 Nov 2000 20:22:31 -0000 Date: Wed, 1 Nov 2000 20:22:31 -0000 From: Dave Howe DHowe@Hawkswing.demon.co.uk Subject: RSA and RIPA Nicholas Bohm wrote: >(a) is intended to be used for the purpose only of generating electronic >signatures; and >(b) has not in fact been used for any other purpose. I could be missing something obvious here, but surely all that is required to remove the protection of (b) is for Plod to HIMSELF generate a message encrypted with that key? Is there something that prevents this? From ben@algroup.co.uk Wed, 01 Nov 2000 20:34:51 +0000 Date: Wed, 01 Nov 2000 20:34:51 +0000 From: Ben Laurie ben@algroup.co.uk Subject: RSA and RIPA Peter Fairbrother wrote: > Anybody know of a signature key scheme that can't be used to encrypt > messages and which has no covert channels? That doesn't require the signee > to be on-line? Signatures can _always_ be used for encryption, via chaffing and winnowing. Cheers, Ben. -- http://www.apache-ssl.org/ben.html "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." Robert Woodruff From peter.fairbrother@ntlworld.com Wed, 01 Nov 2000 20:42:24 +0000 Date: Wed, 01 Nov 2000 20:42:24 +0000 From: Peter Fairbrother peter.fairbrother@ntlworld.com Subject: RSA and RIPA on 1/11/00 8:22 pm, Dave Howe at DHowe@Hawkswing.demon.co.uk wrote: > Nicholas Bohm wrote: >> (a) is intended to be used for the purpose only of generating electronic >> signatures; and >> (b) has not in fact been used for any other purpose. > I could be missing something obvious here, but surely all that is required > to remove the protection of (b) is for Plod to HIMSELF generate a message > encrypted with that key? Is there something that prevents this? Not really, but perhaps the Courts might differentiate between the public and the private RSA keys. Peter From peter.fairbrother@ntlworld.com Wed, 01 Nov 2000 20:45:31 +0000 Date: Wed, 01 Nov 2000 20:45:31 +0000 From: Peter Fairbrother peter.fairbrother@ntlworld.com Subject: RSA and RIPA on 1/11/00 8:34 pm, Ben Laurie at ben@algroup.co.uk wrote: > Peter Fairbrother wrote: >> Anybody know of a signature key scheme that can't be used to encrypt >> messages and which has no covert channels? That doesn't require the signee >> to be on-line? > > Signatures can _always_ be used for encryption, via chaffing and > winnowing. > > Cheers, > > Ben. I don't know where that that's been rigorously mathematically proven, and as the test is whether it has been used for other purposes the difficulty in using it for those purposes is relevant. Peter From peter.fairbrother@ntlworld.com Wed, 01 Nov 2000 21:27:45 +0000 Date: Wed, 01 Nov 2000 21:27:45 +0000 From: Peter Fairbrother peter.fairbrother@ntlworld.com Subject: RIP questions on 1/11/00 1:52 pm, Charles Lindsey at chl@clw.cs.man.ac.uk wrote: > On Tue, 31 Oct 2000 21:27:58 +0000 (/etc/localtime) > Ben Clifford said... [snip] >> Can I disclose as a key an XOR "one-time pad" generated by my >> XORing of the encrypted data and the plaintext? > > You could always try it on. But if Plod spots that the encrytped > data started off with the standard PGP boilerplate, or that the > "one-time-pad" started off with a long string of zeroes, then he could > likely persuade a Court that you were "knowingly" trying to cheat. I'm not absolutely sure that this isn't a loophole in RIPA. Will investigate and answer. See s.50.2.a, s.50.3.c and 50.5 but see s.50.7 as well. Any lawyers. please help! Peter. From peter.fairbrother@ntlworld.com Wed, 01 Nov 2000 21:29:25 +0000 Date: Wed, 01 Nov 2000 21:29:25 +0000 From: Peter Fairbrother peter.fairbrother@ntlworld.com Subject: RIP questions on 1/11/00 5:18 pm, David Swarbrick at david@swarb.freeuk.com wrote: > In message <3.0.5.32.20001101101909.00b73b10@mail.netkonect.co.uk>, > Nicholas Bohm writes >> At 09:27 PM 10/31/2000 +0000, Ben Clifford wrote: >> >> [snip] >> >>> If I somehow use somebody's signature key to encrypt information to them, >>> this then seems to require that they have to give up their key, even if >>> they intended for it to be used only for signatures? >> >> Only if they use their private key to decrypt it. >> > > I know that is the accepted interpretation, but I am not convinced. They > are two numbers. They are chosen together, and are inextricably linked. > There is a separation which takes place, as it were, after birth, but > they only ever make sense when use together, and are incomplete unless > used potentially in combination. They are in principle and often in > practice reversible in use. The choice of one half rather than the > other as public or private is arbitrary. They replace one key, but there > is nothing in logic or use to say that one key may not be made up of two > parts. > > It may well suit a judge to treat them as one key, and historical and > ministerial protestations will not be of great significance. Do the > codes of practice fix this in stone? There ain't no codes of practice. Peter From benc@hawaga.org.uk Wed, 1 Nov 2000 23:30:14 +0000 (/etc/localtime) Date: Wed, 1 Nov 2000 23:30:14 +0000 (/etc/localtime) From: Ben Clifford benc@hawaga.org.uk Subject: RIP questions On Wed, 1 Nov 2000, Owen Blacker wrote: > OK, so you could probably hack about with it in order to > encrypt using the DSS key if you really wanted to, but that'd plainly > be misuse of a key intended only for signatures. But that was my point. Is "misuse" is still "use"? My (non-lawyer) understanding of the act is that, as well as intending for your key to not be used for encyption, it must not actually have been used for encryption [49.9]. So if I encrypt something with your key, no matter how hard you intended me not to be able to, [49.9] doesn't apply. -- http://www.hawaga.org.uk/c0deZ/globeApplet/ for my rotating world map applet http://www.hawaga.org.uk/benc_key.txt GPG key 0x30F06950 - please use it! http://www.hawaga.org.uk/ben/ my homepage From benc@hawaga.org.uk Wed, 1 Nov 2000 23:37:46 +0000 (/etc/localtime) Date: Wed, 1 Nov 2000 23:37:46 +0000 (/etc/localtime) From: Ben Clifford benc@hawaga.org.uk Subject: RIP questions On Wed, 1 Nov 2000, Charles Lindsey wrote: > > How are contributions to costs worked out (eg sec 24, 52) - does it work > > the same way as for existing interception warrants? Either way, how does > > it work? > "As the Secretary of State thinks fit". I see that bit. But does there exist any precedent for this? > > Can I disclose as a key an XOR "one-time pad" generated by my > > XORing of the encrypted data and the plaintext? > > You could always try it on. But if Plod spots that the encrytped > data started off with the standard PGP boilerplate, or that the > "one-time-pad" started off with a long string of zeroes, then he could > likely persuade a Court that you were "knowingly" trying to cheat. How is that cheating? An XOR data is "other data", if not the other things, that facilitates the putting of the data into intelligible form, and, if I am in possession of this XOR at the time of receiving the order, I am allowed to pick which of my keys I give to Plod? I, as the person given notice, am specifically allowed to "which of the keys" [in my possession] "to disclose for the purpose of complying". > > If I somehow use somebody's signature key to encrypt information to them, > > this then seems to require that they have to give up their key, even if > > they intended for it to be used only for signatures? > > Yes, that is one of the known possibilities. But they "wouldn't" > prosecute you in that case, would they? What could they prosecute me for anyway? I wouldn't be breaking any law using someones signature key for encrypting, would I? Or could I be done for some form of harrasment (if such laws exist - I don't know, I just live here) -- http://www.hawaga.org.uk/c0deZ/globeApplet/ for my rotating world map applet http://www.hawaga.org.uk/benc_key.txt GPG key 0x30F06950 - please use it! http://www.hawaga.org.uk/ben/ my homepage From dave@xemu.demon.co.uk Wed, 1 Nov 2000 21:47:03 +0000 Date: Wed, 1 Nov 2000 21:47:03 +0000 From: Dave Bird dave@xemu.demon.co.uk Subject: How RIP-proof is SSL? -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In message , Ralf Senderek writes >So plod could easily wait until he intercepts one of Alice's communications >and request the session-keys from Syd. Automatically forgetting session-keys >would then be two years worth of jail for Syd. And session-key-backup would >be a key-feature to be build into every implementation being legally used >by Syd. I'd love to hear that I'm wrong. On the second point, when you say "legally used".... if he points out that he can't do some capability, then if it is at all feasible for him to get the capability then they serve an order that he must get it and they will pay part of the cost. Richard or Clive might know whether Plod can order you to "save all keys relating to session with whoever for a given period." Of course this is a case for using a server in a free country, or (better) "onion routing" through changing selections of servers in different countries so Plod can't get to them all. Additionally, if every user takes responsibility for providing his own transient channel keys, then they can only get to use user's comm by attacking each of them one by one. Which becomes infeasible when there are millions. |~/ |~/ ~~|;'^';-._.-;'^';-._.-;'^';-._.-;'^';-._.-;||';-._.-;'^';||_.-;'^'0-|~~ P | Woof Woof, Glug Glug ||____________|| 0 | P O | Who Drowned the Judge's Dog? | . . . . . . . '----. 0 | O O | answers on *---|_______________ @__o0 | O L |_____________|/_______| L www.xemu.demon.co.uk 2B0D 5195 337B A3E6 DDAC BD38 7F2F FD8E 7391 F44F -----BEGIN PGP SIGNATURE----- Version: PGPsdk version 1.7.1 iQA/AwUBOgCPVn8v/Y5zkfRPEQK6WQCfYtHr6ZUeM0mu7VaICNnVsTvQtFUAoJZ8 C48S3Zxkf5OaLHVd/YjCWL+m =/6pX -----END PGP SIGNATURE----- From lawya@lucs-01.novell.leeds.ac.uk Thu, 2 Nov 2000 00:46:41 -0000 Date: Thu, 2 Nov 2000 00:46:41 -0000 From: Yaman Akdeniz lawya@lucs-01.novell.leeds.ac.uk Subject: Cyber-Rights.Net Forms Alliance with Hush Communications Cyber-Rights.Net Forms Alliance with Hush Communications to offer HushMail Private Label to Internet users, http://www.cyber-rights.net Leeds, UK & Dublin, Ireland-(November, 01, 2000) Cyber-Rights & Cyber -Liberties (UK) have partnered with Hush Communications to campaign against the Regulation of Investigatory Powers Act (RIP) 2000, which passed into law in October this year. The Regulation of Investigatory Powers (RIP) Act outlines the extended reach of the UK government?s law enforcement and security agencies in regards to the monitoring and interception of communications across the Internet, and government access to encryption keys. Similar proposals are currently being discussed by the Council of Europe which would give law enforcement agencies extended powers and capabilities for Internet monitoring in more than 40 countries. In an effort to raise public awareness of these important policy issues and to encourage Internet users to use secure communications, Cyber-Rights & Cyber-Liberties (UK) are launching the Cyber- Rights.Net project. The project offers Internet users HushMail Private Label, an encrypted email solution, that employs Hush?s patent-pending Hush Encryption Engine. With HushMail Private Label, Cyber-Rights.Net will be able to offer its visitors and users end-to- end secure email through, http://www.cyber-rights.net. HushMail Private Label fully integrates Hush?s roaming key pair management technology into the Cyber-Rights.Net system enabling its users to send and receive secure mail from any location with access to the Internet throughout the world. Mr. Yaman Akdeniz, Director, Cyber-Rights & Cyber-Liberties (UK) stated: "Both the Website and project promote privacy of communications and hope to raise awareness for security on the Internet. In the absence of clearly defined conditions and safeguards protecting the privacy of communications in homes and in working environments, it is time for the individual to take action and protect their communications. Cyber-Rights.Net will be an additional tool for concerned Internet users when securing their communications." Cyber-Rights & Cyber-Liberties (UK) is dedicated to the promotion of secure and private communications over the Internet and has been influential in the national and international policy making process. Jon Matonis, CEO of Hush Communications said, "We are excited to be a part of the Cyber-Rights & Cyber-Liberties project. HushMail Private Label will offer Cyber-Rights.Net users the most secure and user- friendly email solution available on the market today. From everyday Internet users to legal and medical professionals, Hush protects online communications." >From its inception, Hush Communications has been dedicated to the privacy rights. The company?s core technology was specifically developed to protect the communications and transactions of anyone with access to the Internet. While Hush offers a variety of products and services for sale, its flagship product, HushMail.Com (www.hushmail.com), provides fully encrypted, Web-based email, free of charge, to the general public. Hush posts its source code for review and download at www.hush.ai. About Cyber-Rights & Cyber-Liberties (UK) Cyber-Rights & Cyber-Liberties (UK) (http://www.cyber-rights.org), is a non-profit organisation established to protect the interests of all honest, law abiding Internet users with the aim of promoting free speech and privacy on the Internet. It was founded in 1997 and has been actively involved with the Internet policy-making process of the UK government, the European Union, Council of Europe, OECD, and the United Nations. About Hush Communications Corporation Hush is the premier provider of encryption products and services in the secure communications industry. The company?s SDK, Software Developer Kit, allows other Web-based infrastructure companies and application providers to design product and service offerings that utilise the Hush Key Server Network. Hush has strategic alliances with Netsmart (www.netsmart.com), NetNation Communications (www.netnation.com) and Security Portal (www.securityportal.com), and its investors include OffRoad Capital Corporation (www.offroadcapital.com). Hush Communications is the leading market share for encryption key management services and has users in every country in the world. Hush Communications Corporation is a U.S. company with subsidiary companies located in Dublin, Ireland; Salt Lake City, Utah; and Austin, Texas and is the provider of HushMail.Com, HushMail Private Label, and HushPOP with worldwide headquarters based in Dublin, Ireland. Contact Details Cyber-Rights & Cyber-Liberties (UK) Mr. Yaman Akdeniz, Director, Cyber-Rights & Cyber-Liberties (UK) Url: http://www.cyber-rights.org E-mail: lawya@cyber-rights.org Tel: +44 (0)7798 865116 Dr. Louise Ellison, Deputy Director, Cyber-Rights & Cyber-Liberties (UK) Tel: +44 (0) 118 9875123 (ext. 7507) E-mail: lawlee@cyber-rights.org Hush Communications Genevieve Van Cleve Ciara Hudson 22 Upper Pembroke St. Dublin 2, Ireland Phone: +353-1-241-0367 Fax: +353-1-241-0370 genvc@hushmail.com ciara@hushmail.com From brg@gladman.plus.com Wed, 1 Nov 2000 20:32:31 -0000 Date: Wed, 1 Nov 2000 20:32:31 -0000 From: Brian Gladman brg@gladman.plus.com Subject: RSA and RIPA From: "Dave Howe" To: Sent: Wednesday, November 01, 2000 8:22 PM Subject: Re: RSA and RIPA > Nicholas Bohm wrote: > >(a) is intended to be used for the purpose only of generating electronic > >signatures; and > >(b) has not in fact been used for any other purpose. > I could be missing something obvious here, but surely all that is required > to remove the protection of (b) is for Plod to HIMSELF generate a message > encrypted with that key? Is there something that prevents this? The issue is that of the private part of the key being used for decryption - even if the public part has been used for encryption, the theory is that the private helf is safe provided that it is never used to decrypt anything. Many (including me) don't find this of much comfort though. Brian From donald@ramsbottom.co.uk Thu, 02 Nov 2000 06:18:52 +0000 Date: Thu, 02 Nov 2000 06:18:52 +0000 From: Donald Ramsbottom donald@ramsbottom.co.uk Subject: Wylde OSA case falls apart The case against Wylde has been dropped. The detail can be found at: http://www.the-times.co.uk/article/0,,28966,00.html It looks as though Duncan Campbell's analysis of the material was crucial, well done. Donald Ramsbottom LL.B, BA (Hons). RAMSBOTTOM & Co. Solicitors Internet Law & Global Cryptology Law Specialists 5 Seagrove Avenue, Hayling Island, Hants, PO11 9EU, England. Tel (44) (023) 9246 5931 Fax (44) (023)9246 8349 Ramsbottom & Co is regulated by the Law Society in the conduct of investment business Service by Fax or E-Mail NOT Accepted From donald@ramsbottom.co.uk Thu, 02 Nov 2000 06:35:58 +0000 Date: Thu, 02 Nov 2000 06:35:58 +0000 From: Donald Ramsbottom donald@ramsbottom.co.uk Subject: HO IT fails again Another HO boob at: http://www.thetimes.co.uk/article/0,,28974,00.html How difficult can it be to make a data base work when you have thrown =A3100= m at it? Donald Ramsbottom LL.B, BA (Hons). RAMSBOTTOM & Co. Solicitors Internet Law & Global Cryptology Law Specialists 5 Seagrove Avenue, Hayling Island, Hants, PO11 9EU, England. Tel (44) (023) 9246 5931 Fax (44) (023)9246 8349 Ramsbottom & Co is regulated by the Law Society in the conduct of investment business Service by Fax or E-Mail NOT Accepted From peter.fairbrother@ntlworld.com Thu, 02 Nov 2000 08:45:26 +0000 Date: Thu, 02 Nov 2000 08:45:26 +0000 From: Peter Fairbrother peter.fairbrother@ntlworld.com Subject: Hushmail Finally had the time to look at hushmail. It's basically RSA except the private keys are "encrypted with blowfish and a passphrase" (how? why?) and stored encrypted on their server. The ony advantage I can see is that you don't have to remember your private key. No forward secrecy. No protection against RIPA at all. Waste of time. -- Peter Fairbrother peter.fairbrother@ntlworld.com From steve@greenend.org.uk Thu, 2 Nov 2000 11:16:20 +0000 (GMT) Date: Thu, 2 Nov 2000 11:16:20 +0000 (GMT) From: Stephen Early steve@greenend.org.uk Subject: HO IT fails again On Thursday, 2 Nov 2000, Donald Ramsbottom wrote: > How difficult can it be to make a data base work when you have > thrown =A3100m at it? The problem may be precisely that it has had money thrown at it - providing additional resources to large projects, particularly computer-related ones, is counterproductive. In a world where politics demands that "this project will not fail", and at the first hint of failure top-level management try to "fix it" by throwing money, this ensures regular expensive failures... Steve Early From chl@clw.cs.man.ac.uk Thu, 2 Nov 2000 09:46:44 +0000 (GMT) Date: Thu, 2 Nov 2000 09:46:44 +0000 (GMT) From: Charles Lindsey chl@clw.cs.man.ac.uk Subject: RIP questions On Wed, 1 Nov 2000 23:37:46 +0000 (/etc/localtime) Ben Clifford said... > > On Wed, 1 Nov 2000, Charles Lindsey wrote: > > > > If I somehow use somebody's signature key to encrypt information to them, > > > this then seems to require that they have to give up their key, even if > > > they intended for it to be used only for signatures? > > > > Yes, that is one of the known possibilities. But they "wouldn't" > > prosecute you in that case, would they? > > What could they prosecute me for anyway? I wouldn't be breaking any law > using someones signature key for encrypting, would I? Or could I be done > for some form of harrasment (if such laws exist - I don't know, I just > live here) What I meant was that they "wouldn't" prosecute the person unwittingly receiving the communication, because they are all nice decent chaps, and it wouldn't be cricket, would it? That must be correct, because that is what the nice Minister said in Committee. Charles H. Lindsey ---------At Home, doing my own thing------------------------ Email: chl@clw.cs.man.ac.uk Web: http://www.cs.man.ac.uk/~chl Voice/Fax: +44 161 437 4506 Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 From chl@clw.cs.man.ac.uk Thu, 2 Nov 2000 09:49:43 +0000 (GMT) Date: Thu, 2 Nov 2000 09:49:43 +0000 (GMT) From: Charles Lindsey chl@clw.cs.man.ac.uk Subject: How RIP-proof is SSL? On Wed, 1 Nov 2000 21:47:03 +0000 Dave Bird said... > On the second point, when you say "legally used".... if he points > out that he can't do some capability, then if it is at all feasible > for him to get the capability then they serve an order that he > must get it and they will pay part of the cost. There is nothing in the Act authorising them to serve that kind of order. > > Richard or Clive might know whether Plod can order you to "save > all keys relating to session with whoever for a given period." Nor that. There is provision for requiring ISPs to install a capability for interception, but not for decryption. Charles H. Lindsey ---------At Home, doing my own thing------------------------ Email: chl@clw.cs.man.ac.uk Web: http://www.cs.man.ac.uk/~chl Voice/Fax: +44 161 437 4506 Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 From Pete.Chown@skygate.co.uk Thu, 2 Nov 2000 14:00:51 +0000 Date: Thu, 2 Nov 2000 14:00:51 +0000 From: Pete Chown Pete.Chown@skygate.co.uk Subject: RIP questions David Swarbrick wrote: > [Public and private keys] are in principle and often in > practice reversible in use. The choice of one half rather than the > other as public or private is arbitrary. Actually this is only true of RSA (out of the schemes in common use, anyway). With the ElGamal type schemes (DSA, Diffie-Hellman, and ElGamal itself) there is no symmetry between the keys in this way. Also for efficiency reasons RSA often uses a small number (3 for example) as the public key. Obviously in this case you can't reverse the keys because it would be rather easy to guess the private one! (It would still work mathematically though.) -- Pete From chl@clw.cs.man.ac.uk Thu, 2 Nov 2000 15:03:28 +0000 (GMT) Date: Thu, 2 Nov 2000 15:03:28 +0000 (GMT) From: Charles Lindsey chl@clw.cs.man.ac.uk Subject: RIP questions On Thu, 2 Nov 2000 14:00:51 +0000 Pete Chown said... > > David Swarbrick wrote: > > > [Public and private keys] are in principle and often in > > practice reversible in use. The choice of one half rather than the > > other as public or private is arbitrary. > > Actually this is only true of RSA (out of the schemes in common use, > anyway). With the ElGamal type schemes (DSA, Diffie-Hellman, and > ElGamal itself) there is no symmetry between the keys in this way. > > Also for efficiency reasons RSA often uses a small number (3 for > example) as the public key. Obviously in this case you can't reverse > the keys because it would be rather easy to guess the private one! > (It would still work mathematically though.) > Eh? Surely the important part of the public key is the product of the two primes, which is supposed to be arbitrarily hard to factor. OTOH, the private key usually comprises the two primes themselves, so if you have the private key, you can easily derive the public one. So they are not symetrical in that respect. Charles H. Lindsey ---------At Home, doing my own thing------------------------ Email: chl@clw.cs.man.ac.uk Web: http://www.cs.man.ac.uk/~chl Voice/Fax: +44 161 437 4506 Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 From pleyland@microsoft.com Thu, 2 Nov 2000 07:26:27 -0800 Date: Thu, 2 Nov 2000 07:26:27 -0800 From: Paul Leyland pleyland@microsoft.com Subject: RIP questions > > Also for efficiency reasons RSA often uses a small number (3 for > > example) as the public key. Obviously in this case you can't reverse > > the keys because it would be rather easy to guess the private one! > > (It would still work mathematically though.) > Eh? Surely the important part of the public key is the product of the > two primes, which is supposed to be arbitrarily hard to factor. No Sir, your monkey has it right Sir. (No prizes for saying where that comes from.) > OTOH, the private key usually comprises the two primes > themselves, so if you have the private key, you can easily > derive the public one. So they are not symetrical in that respect. Keeping the two primes around can lead to an important efficiency hack, but is not needed. The private exponent is the only portion that *needs* to be kept private. The public exponent and public modulus are the only portions that can be public; everything else, including the factors of the modulus (or, equivalently it's totient function) can be discarded. Unless you're interested in the efficiency gains it's probably best to discard the primes on the (possibly dubious) grounds that the smaller number of secrets you have the safer you are. And, indeed, if the private exponent is guessable the RSA scheme in question is not secure. Paul From donald@ramsbottom.co.uk Thu, 02 Nov 2000 17:12:01 +0000 Date: Thu, 02 Nov 2000 17:12:01 +0000 From: Donald Ramsbottom donald@ramsbottom.co.uk Subject: H.R. 2413 Below is a snippet about the Computer Security Enhancement Act. Shades of RIP accross the Pond. The extract is from E-Commerce weekly. House Passes Computer Security Enhancement Act of 2000 On October 24th, the House passed by voice vote the Computer Security Enhancement Act of 2000 (H.R. 2413). H.R. 2413 would require the National Institute of Standards and Technology (NIST) to establish voluntary standards to promote the interoperability of private industry Public Key Infrastructures (PKIs) with their federal government counterparts, and to provide guidance to federal agencies for protecting the security and privacy of sensitive information in federal computer systems. While these basic mandates are relatively innocuous, the bill would also require the development of standards for the federal government's use of electronic authentication technologies generally, as well as separate specifications for the federal government's use of PKI technologies. Finally, H.R. 2413 would require the establishment of a National Policy Panel for Digital Signatures to develop standards to ensure the accuracy, reliability and security of certification authority (CA) operations; guidelines to ensure consistency among jurisdictions that license CAs; and CA audit procedures. These standards would apply to all PKI activities, including those in the private sector. Donald Ramsbottom LL.B, BA (Hons). RAMSBOTTOM & Co. Solicitors Internet Law & Global Cryptology Law Specialists 5 Seagrove Avenue, Hayling Island, Hants, PO11 9EU, England. Tel (44) (023) 9246 5931 Fax (44) (023)9246 8349 Ramsbottom & Co is regulated by the Law Society in the conduct of investment business Service by Fax or E-Mail NOT Accepted From peter.fairbrother@ntlworld.com Thu, 02 Nov 2000 17:31:14 +0000 Date: Thu, 02 Nov 2000 17:31:14 +0000 From: Peter Fairbrother peter.fairbrother@ntlworld.com Subject: Hushmail on 2/11/00 8:45 am, Peter Fairbrother at peter.fairbrother@ntlworld.com wrote: > Finally had the time to look at hushmail. It's basically RSA except the > private keys are "encrypted with blowfish and a passphrase" (how? why?) and > stored encrypted on their server. The ony advantage I can see is that you > don't have to remember your private key. > > No forward secrecy. > > No protection against RIPA at all. > > Waste of time. At least that's from what their blurb says. After looking at the source code it might not be so bad. To start up the client sends a random-ish start session key to the server encrypted with the server's public key. Then the server sends a new session key encrypted with the start session key. "this prevents against complete session replay attacks"(?) This could provide some forward secrecy if the server changes it's public key often enough. No info on this at present, but reading between the lines it looks like they don't. Then there's the ssl in the https, but we don't trust that, do we? Especially when we don't know what protocol it's using. Hushmail use ElGamal not RSA. And there was me believing the blurb! Jack the RIPA From oml@eloka.demon.co.uk Thu, 2 Nov 2000 19:06:23 -0000 Date: Thu, 2 Nov 2000 19:06:23 -0000 From: Owen Lewis oml@eloka.demon.co.uk Subject: BBFC? VCHIP-UK? ----- Original Message ----- From: "Roger Hird" To: Sent: 27 October 2000 11:03 Subject: Re: BBFC? VCHIP-UK? > On 27 Oct, Owen Lewis wrote: > > such pedantry destroys . . . . . > > Pedantry? Come on, Mr Lewis - ukcrypto is a pedants' paradise*! Filter > out the pedantry and a large proportion of the postings would never > appear. But see further below. > > *not to say a paranoids' paradise and an obsessives' . . ah, well, my > powers of alliteration fail me. All willingly agreed. > > > the filicitous counterpoint between the two > > mottos selected. 'One of the Crown's mottos', then, should you prefer :-) > > Well, I'm not sure even there. "The Crown" in the UK tends to mean the > sovereign power - and as I remember, it used to be defined by > constitutional lawyers as the King or Queen in Parliament. As such it > does not have a motto. Now, the Sovereign personally (different thing) > has the one on her coat of arms, which is the UK's coat of arms, so the UK > - all of us - has one. But "Honi soit qui mal y pense" is not hers as > sovereign or that of the UK - it is the Order of the Garter's. What you say is a truth devoid of understanding and, thus, becomes a misrepresentation. The Garter is an order of chivalry appointment to which is at the entire discretion of the ruling monarch, one of whose forebears in person instituted it and whose successors to the present day have maintained it. The Order, and hence the motto given to it by its institutor, pertains to the monarch in person and to no jack-in-office. > More seriously, these threads have been about the actions and > responsibilities and intentions of Government and Government bodies in the > UK. This is only to do with "the Crown" in its constitutional sense. The > central constitutional theme since the 17th century has been that > Parliament is sovereign (NB - small "s"). The monarch gives her/his > authority to Parliament and in Parliament and in the administration of law > and justice acts only on the advice of her ministers. Even the prerogative > power is only excercised on advice. Those things she/he does in a > personal capacity are strictly limited (including, actually, her role as > sovereign of the Order of the Garter). So you may say and repeat a popular, or rather a populist, view in doing so. Read on. > > So while you might have made an apparently clever point it was not as > felicitous as you thought it - and it was really rather infelicitous to > link something personal to the monarch to the exercise of state power by > parliament and by ministers and their officials. Very well then, prenez garde! It's pedantry at 20 paces. Surely, you find the thought, that the state can even arrogate to itself what is and should remain at the personal will of the monarch, much to your liking? It was a part of my purpose to include that thought within my construction of incongruities. I'm sorry that your interpretation of that construction should lead you to stand with one leg each side of a widening fissure. If not uncomfortable now, do take care that position does not become so. Those who bear arms for the nation are Crown servants. They swear an oath of allegiance to the reigning monarch and 'her heirs and successors'. Such allegiance as they may owe to Parliament is at the sole pleasure of Her Majesty. Should Her Majesty so require it of them, it would not only be their duty but, to many, a welcome one, to enter the Commons's chamber and to evict the mountebanks, who squat in her Palace of Westminster, at the point of a bayonet. Such is the law of our land. A quaint anomaly is that it is not the monarch's privy purse that pays for the Armed Forces but Houses of Parliament that rely for their very existence upon Her Majesty's continuing goodwill. It is for this reason that, in its turn, Parliament ensures that the Armed Forces cannot be kept permanently in being,. It sanctions their payment and hence their continuance only for one year at a time. Thus it has been since the Restoration. Members of Parliament are not Crown servants in the way that the Armed Forces and others are but (pace Peter Mandelson, Gerry Adams et al) they are still required to swear an oath of allegiance to the monarch before they may sit in her Palace of Westminster. You may know too that those Member's of the Commons in opposition to Her Majesty's government are, collectively, known as 'Her Majesty's loyal opposition', they also being bound to the monarch in person by their oaths. The Crown is a term for the monarchical office from which all else, including the executive and parliament, draw their authority. Given that it is now a common usage to apply the term 'Crown' to mere jack's-in-office, your mistaken understanding is a commonplace but remains unforgivable in one seeking to make his reputation as a pedant. Without wishing to inhibit your right of reply, should we perhaps continue this exhibition match behind the arras of private mail? With regards, Owen From C.R.Ritson@ncl.ac.uk Thu, 02 Nov 2000 14:48:40 +0000 Date: Thu, 02 Nov 2000 14:48:40 +0000 From: Chris Ritson C.R.Ritson@ncl.ac.uk Subject: RIP questions At 23:30 01/11/2000 +0000, you wrote: >On Wed, 1 Nov 2000, Owen Blacker wrote: > > > OK, so you could probably hack about with it in order to > > encrypt using the DSS key if you really wanted to, but that'd plainly > > be misuse of a key intended only for signatures. > >But that was my point. > >Is "misuse" is still "use"? > >My (non-lawyer) understanding of the act is that, as well as intending for >your key to not be used for encyption, it must not actually have been used >for encryption [49.9]. So if I encrypt something with your key, no matter >how hard you intended me not to be able to, [49.9] doesn't apply. IANAL. If someone, even PLOD, deliberately used a key that was listed as for signature only to encrypt something, so as to force that key to be released, could that person be sued for damages? Does it stand any chance at all? This would end up being on the balance of probabilities wouldn't it? Chris Ritson -- EMAIL: C.R.Ritson@newcastle.ac.uk POST: Chris Ritson, PHONE: +44 191 222 8175 Department of Computing Science, FAX : +44 191 222 8232 University of Newcastle upon Tyne, ROOM: 618 Claremont Bridge (the Mill) United Kingdom NE1 7RU. From dave@xemu.demon.co.uk Thu, 2 Nov 2000 19:45:06 +0000 Date: Thu, 2 Nov 2000 19:45:06 +0000 From: Dave Bird dave@xemu.demon.co.uk Subject: How RIP-proof is SSL? -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In message <200011020949.JAA18095@clw.cs.man.ac.uk>, Charles Lindsey writes > On Wed, 1 Nov 2000 21:47:03 +0000 > Dave Bird said... >> On the second point, when you say "legally used".... if he points >> out that he can't do some capability, then if it is at all feasible >> for him to get the capability then they serve an order that he >> must get it and they will pay part of the cost. > >There is nothing in the Act authorising them to serve that kind of order. >> >> Richard or Clive might know whether Plod can order you to "save >> all keys relating to session with whoever for a given period." > >Nor that. There is provision for requiring ISPs to install a capability >for interception, but not for decryption. I thought they were section 13 orders, and that capability to intercept might include "...in clear form" (i.e. decryption). I'd be interested in an ISp response on this..... |~/ |~/ ~~|;'^';-._.-;'^';-._.-;'^';-._.-;'^';-._.-;||';-._.-;'^';||_.-;'^'0-|~~ P | Woof Woof, Glug Glug ||____________|| 0 | P O | Who Drowned the Judge's Dog? | . . . . . . . '----. 0 | O O | answers on *---|_______________ @__o0 | O L |_____________|/_______| L www.xemu.demon.co.uk 2B0D 5195 337B A3E6 DDAC BD38 7F2F FD8E 7391 F44F -----BEGIN PGP SIGNATURE----- Version: PGPsdk version 1.7.1 iQA/AwUBOgHEQn8v/Y5zkfRPEQL5hACfSrn4Z8fMLOr7Sx1TfAo0P6RgLw0AoJL6 ZIaVhDNbG95RvatmBO5HtRyk =ilMD -----END PGP SIGNATURE----- From peter.fairbrother@ntlworld.com Wed, 01 Nov 2000 21:03:56 +0000 Date: Wed, 01 Nov 2000 21:03:56 +0000 From: Peter Fairbrother peter.fairbrother@ntlworld.com Subject: RSA and RIPA on 1/11/00 7:13 pm, Nicholas Bohm at nbohm@ernest.net wrote: > At 05:17 PM 11/1/2000 +0000, Peter Fairbrother wrote: >> First of all, there is no advantage in using RSA for anything except >> signatures in crypto designed for resistance to RIPA. Ephemeral keys are >> better handled by Diffie-Hellman, although they must of course be signed= , >> perhaps by RSA. Long-term RSA keys are likely to be subject to orders to >> reveal them. The main advantage of RSA for message-sending, that only th= e >> private key holder can read the message, is removed by RIPA's ability to >> demand keys. >>=20 >> Secondly, that very advantage devalues RSA's usefulness as a signature k= ey >> scheme. The Act allows exemption from orders to reveal any key which: >>=20 >> (a) is intended to be used for the purpose only of generating electronic >> signatures; and >> =A0 >> =A0 =20 >> (b) has not in fact been used for any other purpose. >>=20 >> (s.49.9). As RSA public keys can be so easily used to encrypt messages, = it >> is hard to prove that the private key has not ben used to decrypt them. = This >> applies to all RSA keys, including Certificating Authority keys. >=20 > The burden of proof is in principle the other way: Plod must prove it > isn't a signature key. (Signature-only key)(Signature key only) To what standard of proof? To issue a legal order? Balance of probalities o= r beyond reasonable doubt? Anyone can use the public RSA key to encrypt, whether the private key has been used to decrypt is aanyones guess. > In practice (as Dave Swarbrick long ago pointed out) this is less comfort > than is required. The reason is that the person facing the demand for th= e > key has to decide then and there whether to refuse. Especially in a > corporate environment, at that point he or she may have no way of being > confident that nobody else has ever used the key to decrypt, And how could he/she know? > and that Plod > is bluffing (Plod need produce no evidence at this stage). So corporate > signature keys are at risk in practice if Plod for some reason thinks the= y > have been used to decrypt. Or just pretends to have a reason? Or just suspects it might have been so used? Help, please. >=20 > Regards, >=20 > Nicholas Bohm From owenfb@easynet.co.uk Thu, 02 Nov 2000 16:34:33 +0000 Date: Thu, 02 Nov 2000 16:34:33 +0000 From: Owen Blacker owenfb@easynet.co.uk Subject: Hushmail > Finally had the time to look at hushmail. It's basically RSA > except the > private keys are "encrypted with blowfish and a passphrase" (how? > why?) and > stored encrypted on their server. The ony advantage I can see is > that you > don't have to remember your private key. > > No forward secrecy. > > No protection against RIPA at all. > > Waste of time. Doesn't the fact that it's hosted outside of the UK mean that UK LEAs have no authority to demand keys from Hushmail -- thus protecting against RIP :o) ----- Owen Blacker Senior Internet Developer and Internet Security Consultant I now have new PGP keys -- qv http://www.owens-place.org.uk/pgp.html Sig 0x00036874 | d39f b776 fa20 c125 b0e2 aa6d 555e 4126 0003 6874 This message was sent by Easymail - http://www.easynet.co.uk/ From duncan@gn.apc.org Thu, 02 Nov 2000 21:50:05 +0000 Date: Thu, 02 Nov 2000 21:50:05 +0000 From: Duncan Campbell duncan@gn.apc.org Subject: Wylde OSA case falls apart Collapse of Wylde OSA case The entirety of what the government complained about can be seen on the net at http://jya.com/irish-war.htm A compilation of the days press on this subject is at. http://www.iptvreports.mcmail.com/Official%20secrets%20trial%20collapses.htm One of the more incredible aspects of the case - literally - was that one of the Army's "experts" - major who claimed to be a top-notch expert in IT - asserted that the publication of the codenames of a few computer systems would open them up to hacking and "denial of service attacks". They were closed systems accessed only by secure terminals in high security buildings. The abandonment of the case has saved them much (more) humiliation. Duncan Campbell From peter.fairbrother@ntlworld.com Thu, 02 Nov 2000 21:59:56 +0000 Date: Thu, 02 Nov 2000 21:59:56 +0000 From: Peter Fairbrother peter.fairbrother@ntlworld.com Subject: Hushmail on 2/11/00 4:34 pm, Owen Blacker at owenfb@easynet.co.uk wrote: >> Finally had the time to look at hushmail. It's basically RSA >> except the >> private keys are "encrypted with blowfish and a passphrase" (how? >> why?) and >> stored encrypted on their server. The ony advantage I can see is >> that you >> don't have to remember your private key. >> >> No forward secrecy. >> >> No protection against RIPA at all. >> >> Waste of time. > > Doesn't the fact that it's hosted outside of the UK mean that UK LEAs > have no authority to demand keys from Hushmail -- thus protecting against > RIP :o) Not reliably according to Hush. Their answer has so many caveats that I wouldn't trust it for this, tho' it might make a difference. But see my later post Peter From chl@clw.cs.man.ac.uk Thu, 2 Nov 2000 22:33:25 +0000 (GMT) Date: Thu, 2 Nov 2000 22:33:25 +0000 (GMT) From: Charles Lindsey chl@clw.cs.man.ac.uk Subject: Europe to investigate legality of RIP http://www.theregister.co.uk/content/1/14288.html Charles H. Lindsey ---------At Home, doing my own thing------------------------ Email: chl@clw.cs.man.ac.uk Web: http://www.cs.man.ac.uk/~chl Voice/Fax: +44 161 436 6131 Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 From benc@hawaga.org.uk Thu, 2 Nov 2000 23:14:40 +0000 (/etc/localtime) Date: Thu, 2 Nov 2000 23:14:40 +0000 (/etc/localtime) From: Ben Clifford benc@hawaga.org.uk Subject: RIP questions On Thu, 2 Nov 2000, Charles Lindsey wrote: > > What could they prosecute me for anyway? I wouldn't be breaking any law > > using someones signature key for encrypting, would I? Or could I be done > > for some form of harrasment (if such laws exist - I don't know, I just > > live here) > > What I meant was that they "wouldn't" prosecute the person unwittingly > receiving the communication, because they are all nice decent chaps, and > it wouldn't be cricket, would it? That must be correct, because that is > what the nice Minister said in Committee. I replied to this earlier, but it doesn't seem to have appeared :-( I was deliberately misunderstanding you. But my question was serious. If I encrypt a message with your signature key, can you (or anyone else) or anyone else "get me back" in any way? -- http://www.hawaga.org.uk/c0deZ/globeApplet/ for my rotating world map applet http://www.hawaga.org.uk/benc_key.txt GPG key 0x30F06950 - please use it! http://www.hawaga.org.uk/ben/ my homepage From rguerra@yahoo.com Thu, 02 Nov 2000 20:19:05 -0500 Date: Thu, 02 Nov 2000 20:19:05 -0500 From: Robert Guerra rguerra@yahoo.com Subject: Health privacy Regulations in UK -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi: I need to obtain ASAP a print, or better yet an electronic copy of the regulations pertaining to Health Informatics/privacy in the UK for research I am conducting in the field. if you can help me with this, send me an private email. Yours Sincerely, Robert Guerra Toronto, Canada Robert Guerra WWW Page Crypto & PGP Page -----BEGIN PGP SIGNATURE----- Version: SafeMail 2.0 Comment: Digital Signatures ensure message authenticity. Charset: noconv iQA/AwUBOgIShcKdCsHMpdeSEQIHTQCgoJWb4ewardV/qX3nAgbdgBT9JYsAoLEI T7REdTsDUojL1QZA5XYXc/Ce =9dW8 -----END PGP SIGNATURE----- From Richard.Cox@mandarin.org Fri, 3 Nov 2000 01:25 +0000 (GMT Standard Time) Date: Fri, 3 Nov 2000 01:25 +0000 (GMT Standard Time) From: Richard D G Cox Richard.Cox@mandarin.org Subject: GPL in the UK David Howe wrote: > The Inland Revenue have a past history of pulling some pretty dubious > stunts to get their VAT owed, and getting away with it. I think that you will find it is HM Customs and Excise, rather than the Inland Revenue that try to get VAT claimed - whether really owed or not! But yes, they do indeed like to operate right up to the limit of what is legal. And often coming from the far side into that limit, rather than the near side out! I'm currently considering bringing a contempt action against them under the new civil rules for exactly this type of behaviour. Richard Cox From david@swarb.freeuk.com Fri, 3 Nov 2000 06:33:21 +0000 Date: Fri, 3 Nov 2000 06:33:21 +0000 From: David Swarbrick david@swarb.freeuk.com Subject: GPL in the UK In message , Richard D G Cox writes >David Howe wrote: >> The Inland Revenue have a past history of pulling some pretty dubious >> stunts to get their VAT owed, and getting away with it. > >I think that you will find it is HM Customs and Excise, rather than the >Inland Revenue that try to get VAT claimed - whether really owed or not! > >But yes, they do indeed like to operate right up to the limit of what is >legal. And often coming from the far side into that limit, rather than >the near side out! I'm currently considering bringing a contempt action >against them under the new civil rules for exactly this type of behaviour. > The first time I ever cam across a VAT officer was watching him put a sledgehammer through a neighbour's office. It has always coloured my understanding of who they are. > -- David Swarbrick, Solicitor. Computer and Internet Law and Contracts david@swarb.freeuk.com T: +44(0)1484 722531 F: +44(0)1484 716617 Law-index of 11,400+ case summaries at www.swarb.co.uk From nbohm@ernest.net Fri, 03 Nov 2000 09:56:30 +0000 Date: Fri, 03 Nov 2000 09:56:30 +0000 From: Nicholas Bohm nbohm@ernest.net Subject: RSA and RIPA At 09:03 PM 11/1/2000 +0000, Peter Fairbrother wrote: >on 1/11/00 7:13 pm, Nicholas Bohm at nbohm@ernest.net wrote: > >> At 05:17 PM 11/1/2000 +0000, Peter Fairbrother wrote: >>> First of all, there is no advantage in using RSA for anything except >>> signatures in crypto designed for resistance to RIPA. Ephemeral keys are >>> better handled by Diffie-Hellman, although they must of course be= signed, >>> perhaps by RSA. Long-term RSA keys are likely to be subject to orders to >>> reveal them. The main advantage of RSA for message-sending, that only= the >>> private key holder can read the message, is removed by RIPA's ability to >>> demand keys. >>>=20 >>> Secondly, that very advantage devalues RSA's usefulness as a signature= key >>> scheme. The Act allows exemption from orders to reveal any key which: >>>=20 >>> (a) is intended to be used for the purpose only of generating electronic >>> signatures; and >>> =A0 >>> =A0 =20 >>> (b) has not in fact been used for any other purpose. >>>=20 >>> (s.49.9). As RSA public keys can be so easily used to encrypt messages,= it >>> is hard to prove that the private key has not ben used to decrypt them. This >>> applies to all RSA keys, including Certificating Authority keys. >>=20 >> The burden of proof is in principle the other way: Plod must prove it >> isn't a signature key. > >(Signature-only key)(Signature key only) > >To what standard of proof? To issue a legal order? Balance of probalities= or >beyond reasonable doubt? Anyone can use the public RSA key to encrypt, >whether the private key has been used to decrypt is aanyones guess. To convict you, Plod must prove beyond reasonable doubt that you failed to hand over a private key that was not a signature-only key; so he must prove it wasn't a signature-only key. >> In practice (as Dave Swarbrick long ago pointed out) this is less comfort >> than is required. The reason is that the person facing the demand for= the >> key has to decide then and there whether to refuse. Especially in a >> corporate environment, at that point he or she may have no way of being >> confident that nobody else has ever used the key to decrypt, > >And how could he/she know? With difficulty, depending on the relevant access controls and logs. >> and that Plod >> is bluffing (Plod need produce no evidence at this stage). So corporate >> signature keys are at risk in practice if Plod for some reason thinks= they >> have been used to decrypt. > >Or just pretends to have a reason? Or just suspects it might have been so >used? I chose to assume Plod would genuinely think the key had been used for decryption. Anyone is free to make alternative assumptions about Plod's reasons for seeking a signature key. Regards, Nicholas Bohm Salkyns, Great Canfield, Takeley, Bishop's Stortford CM22 6SX, UK Phone 01279 871272 (+44 1279 871272) Fax 01279 870215 (+44 1279 870215) Mobile 07715 419728 (+44 7715 419728) PGP RSA 1024 bit public key ID: 0x08340015. Fingerprint: 9E 15 FB 2A 54 96 24 37 98 A2 E0 D1 34 13 48 07 PGP DSS/DH 1024/3072 public key ID: 0x899DD7FF. Fingerprint: 5248 1320 B42E 84FC 1E8B A9E6 0912 AE66 899D D7FF From oml@eloka.demon.co.uk Fri, 3 Nov 2000 11:39:40 -0000 Date: Fri, 3 Nov 2000 11:39:40 -0000 From: Owen Lewis oml@eloka.demon.co.uk Subject: GPL in the UK ----- Original Message ----- From: "David Swarbrick" To: Sent: 03 November 2000 06:33 Subject: Re: GPL in the UK > In message , Richard D G > Cox writes > >David Howe wrote: > >> The Inland Revenue have a past history of pulling some pretty dubious > >> stunts to get their VAT owed, and getting away with it. > > > >I think that you will find it is HM Customs and Excise, rather than the > >Inland Revenue that try to get VAT claimed - whether really owed or not! > > > >But yes, they do indeed like to operate right up to the limit of what is > >legal. And often coming from the far side into that limit, rather than > >the near side out! I'm currently considering bringing a contempt action > >against them under the new civil rules for exactly this type of behaviour. > > > The first time I ever cam across a VAT officer was watching him put a > sledgehammer through a neighbour's office. It has always coloured my > understanding of who they are. The history of C&E as a bunch of poachers turned gamekeepers extends back at least to the reciprocal French and English blockades of Napoleonic times. It is perhaps the lead echelon of rough play of governments against their own people. They are unconstrained by many of the public safegaurds within which the police should abide. I think much of this results from the old and popular attitude that all taxation is an unfair burden and that exise duty, in particular, is simply an irritation to be evaded if one can. The Us and Them atitude seems to pervade the Customs and Excise service and - make no bones about it - you and I are, as your neighbour, definitely a part of Them. This list tends to focus its attention somewhat on the dangers to liberty of just police powers and the powers of the 'security services'. It is deeply mistaken in this common view. The latitude historically afforded to C&E is still grasped with both hands and with the benefits of modern technology, specifically electronic surveillance, used to the full. If C&E leads the pack in surveillance of the general population, the Department of Social Services is coming up fast on the inside rail public and even Local Authorities are beginning to show. If the concern is loss of personal privacy that it is these last two above all who should be, by law, told to mind their own business and what the limits of that business and the means of minding it are. I can't see this happening though. Attacking the powers of state security in particular may appear to some to be brave, glamourous and libertarian. In fact most of a lot of it is based on little information, short sight and/or political attitude. There's rarely more than a cheep about the growing risk to liberty of the Deus ex Machina of Social Services. This was for me an important interest in the recent NHS discussions here. Whatever else, NHS patients' records should be kept from the DHSS who have no good business requiring to accesss them. Forget the FO and, to a fair extent, the HO. Make no bones about it, DHSS is the department which, in this century is most likely to watch and monitor he, she, thee and me, acquiring oppressive influence - authority even - over every intimate aspect of our lives. In my view, some of the activities of C&E straddle the boundary of what should be tolerable in a well managed nation. I do not like much of what it does but, try as I may, I cannot come up with much of an improving idea without first both reducing and reorganising the taxation of trade by the state. Owen From donald@ramsbottom.co.uk Fri, 03 Nov 2000 12:12:38 +0000 Date: Fri, 03 Nov 2000 12:12:38 +0000 From: Donald Ramsbottom donald@ramsbottom.co.uk Subject: GPL in the UK At 06:33 03/11/00 +0000, you wrote: >In message , Richard D G >Cox writes >>David Howe wrote: >>> The Inland Revenue have a past history of pulling some pretty dubious >>> stunts to get their VAT owed, and getting away with it. >> >>I think that you will find it is HM Customs and Excise, rather than the >>Inland Revenue that try to get VAT claimed - whether really owed or not! >> >>But yes, they do indeed like to operate right up to the limit of what is >>legal. And often coming from the far side into that limit, rather than >>the near side out! I'm currently considering bringing a contempt action >>against them under the new civil rules for exactly this type of behaviour. >> >The first time I ever cam across a VAT officer was watching him put a >sledgehammer through a neighbour's office. It has always coloured my >understanding of who they are. Likewise, when the client phones you up and says that VAT people came at 3.00am, opened the front door with their skeleton key (16lb sledge) "bagged up" most of the contents and left leaving a receipt, and all you can say is, "yes its legal they can do it" it always gives one a reflexive buttock clench when you know they are on the other side! Donald Ramsbottom LL.B, BA (Hons). RAMSBOTTOM & Co. Solicitors Internet Law & Global Cryptology Law Specialists 5 Seagrove Avenue, Hayling Island, Hants, PO11 9EU, England. Tel (44) (023) 9246 5931 Fax (44) (023)9246 8349 Ramsbottom & Co is regulated by the Law Society in the conduct of investment business Service by Fax or E-Mail NOT Accepted From I.Brown@cs.ucl.ac.uk Fri, 3 Nov 2000 12:23:30 -0000 Date: Fri, 3 Nov 2000 12:23:30 -0000 From: Ian Brown I.Brown@cs.ucl.ac.uk Subject: =?iso-8859-1?Q?GCHQ_move_costs_quintuple_to_=A3300m?= Glad to see that they're spending money so wisely, and that the Times is as critical as ever... -- General monitors GCHQ expense The Times, FRIDAY NOVEMBER 03 2000 BY MICHAEL EVANS, DEFENCE EDITOR A RETIRED general was called in to monitor the soaring cost of one of Britain’s shortest military advances: the transfer of GCHQ spy-centre staff from one side of Cheltenham to the other. The annual report of the parliamentary Intelligence and Security Committee showed yesterday that the expected removal costs have more than quadrupled from the original £60 million, partly because GCHQ cannot stop work even for one second. The construction work is believed to be costing just over £300 million. Tom King, chairman of the committee, sent a letter warning Downing Street of a financial debacle. Sir Richard Wilson, the Cabinet Secretary, invited Lieutenant-General Sir Edmund Burton, formerly Deputy Chief of Defence Staff (Systems), to review the management of the project. Yesterday’s report said: “The review confirmed . . . the scale of the challenges that the programme presents GCHQ and the range of high risks that could affect its successful completion.” GCHQ now operates from two sites in Cheltenham and it was thought it would be cheaper to build a new centre at one and close the other. http://www.thetimes.co.uk/article/0,,29757,00.html -- How about a snappier article for the Sun: GCHQ blows £240m on move BY IAN BROWN, SCANDAL EDITOR GCHQ has spent FIVE TIMES more than its original budget of £60m to move from one side of Cheltenham to another. Tony Blair was warned of a "financial debacle" months ago by the chairman of the parliamentary Intelligence and Security Committee. But the strongest rebuke a management review could offer "confirmed... the scale of the challenges that the programme presents GCHQ". THE SUN SAYS: no wonder we're paying through the nose for petrol tax. GCHQ's budget has to come from somewhere. From Pete.Chown@skygate.co.uk Fri, 3 Nov 2000 12:14:28 +0000 Date: Fri, 3 Nov 2000 12:14:28 +0000 From: Pete Chown Pete.Chown@skygate.co.uk Subject: GPL in the UK Donald Ramsbottom wrote: > Likewise, when the client phones you up and says that VAT people came at > 3.00am, opened the front door with their skeleton key (16lb sledge) "bagged > up" most of the contents and left leaving a receipt, and all you can say is, > "yes its legal they can do it" it always gives one a reflexive buttock > clench when you know they are on the other side! I've always been puzzled by one thing in this type of scenario (as regards the police as well). Don't the PACE codes of practice say that search warrants have to be executed during normal business hours if possible? I can understand that there will be situations where someone might get shot if the person wasn't taken by surprise. But if someone is suspected of a VAT fraud, a night time visit would seem to be a clear breach of the codes of practice if not the law as such. Of course, Customs can enter without a search warrant, but that is a separate issue. Actually that one could be a breach of the Human Rights Act now. -- Pete From I.Brown@cs.ucl.ac.uk Fri, 3 Nov 2000 13:15:40 -0000 Date: Fri, 3 Nov 2000 13:15:40 -0000 From: Ian Brown I.Brown@cs.ucl.ac.uk Subject: EMI plans crashes and "national security" Why flying will never be the same again by SIMON JENKINS The Times, Friday 3 November http://www.thetimes.co.uk/article/0,,29471,00.html ... I do not hold with Bermuda Triangles, but I did cock an ear when I heard that all of America’s three big air disasters of the past four years could be traced to one patch of sky off Long Island. The first was of a TWA Boeing on July 17, 1996, the second a Swissair MD-11 on September 2, 1998, and the third an EgyptAir jet on October 31 last year. A total of 676 people died in these accidents. Each plane was of different design. Each crash followed an electronic failure minutes after leaving JFK Airport. None has been satisfactorily explained. For the past three years a Harvard English professor, Elaine Scarry, has been investigating the crashes privately and publishing her findings in the erudite New York Review of Books. Ms Scarry’s meticulously researched conclusions challenge the entire world of air crash investigation, and are little short of sensational. She attributes these crashes — and possibly many others — to the under-researched phenomenon of electromagnetic interference (EMI). It is fear of this phenomenon which now forces us to turn off mobile phones in flight. The possible impact of EMI in the Long Island crashes was downplayed by the investigators, partly because it intruded on the secrecies of national defence and partly because what science does not fully understand it prefers to disregard. After reading Ms Scarry I have no doubt. If these planes were American and had crashed off the coast of Britain, Americans would be screaming blue murder and banning all flights from British airspace.... Perhaps the answer to these questions is too awful to contemplate. Defence is a realm of State sovereignty that it is so secretive yet potent that no politician dares question its recklessness. Only a determined private citizen does that. Could it be that American soldiers are, however unintentionally, subjecting passenger airplanes to the electronic equivalent of anti- aircraft flak? Few are gunned down. On the balance of risk, I am still happy to fly to America. But when I next pass through “the Long Island triangle” I shall raise a trembling glass in homage to St Christopher. From m.sharman@britishchambers.org.uk Fri, 3 Nov 2000 13:42:22 -0000 Date: Fri, 3 Nov 2000 13:42:22 -0000 From: m.sharman@britishchambers.org.uk m.sharman@britishchambers.org.uk Subject: =?iso-8859-1?Q?RE=3A_GCHQ_move_costs_quintuple_to_=A3300m?= This message is in MIME format. Since your mail reader does not understand this format, some or all of this message may not be legible. ------_=_NextPart_001_01C0459B.E727121E Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Now that is what I call a By-Line!!!!! How about a snappier article for the Sun: GCHQ blows =A3240m on move BY IAN BROWN, SCANDAL EDITOR ------_=_NextPart_001_01C0459B.E727121E Content-Type: text/html; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable RE: GCHQ move costs quintuple to =A3300m

Now that is what I call a By-Line!!!!!

<SNIP>

How about a snappier article for the Sun:

GCHQ blows =A3240m on move

BY IAN BROWN, SCANDAL EDITOR

<SNIP>

------_=_NextPart_001_01C0459B.E727121E-- From alan.hassey@btinternet.com Fri, 3 Nov 2000 10:01:16 -0000 Date: Fri, 3 Nov 2000 10:01:16 -0000 From: Dr Alan Hassey alan.hassey@btinternet.com Subject: Health privacy Regulations in UK Robert There is very little in the way of special medical information legislation/regulation. The relevant acts are..... · The Computer Misuse Act 1990 – protects UK bodies against misuse of their IT facilities and means of prosecuting offenders; · The Data Protection Act 1998 – determines how personal information may be obtained, used and disclosed in the UK, including best practice for information security arrangements and risk management; · The Electronic Communications Act 2000 – provides new legal framework for the recognition and use of digital signatures in e-business; · The Regulation of Investigatory Powers Act 2000 – describes provisions for legitimate use of encryption in the UK and law enforcement compliance arrangements. The Access to Medical Reports Act is only relevant in terms of Insurance reports etc.... === Dr Alan Hassey (mailto:alan.hassey@btinternet.com) RCGP Health Informatics Group Joint Computing Group (GPC - RCGP) Hi: I need to obtain ASAP a print, or better yet an electronic copy of the regulations pertaining to Health Informatics/privacy in the UK for research I am conducting in the field. if you can help me with this, send me an private email. Yours Sincerely, Robert Guerra Toronto, Canada From pete@sorted.org Fri, 03 Nov 2000 14:10:26 +0000 Date: Fri, 03 Nov 2000 14:10:26 +0000 From: Pete Bentley pete@sorted.org Subject: EMI plans crashes and "national security" Not sure where the crypto relevance is, but At Fri, 03 Nov 2000 13:15:40 GMT, Ian Brown writes: >Why flying will never be the same again >by SIMON JENKINS >[...] >Each plane was of different design. Each crash followed an >electronic failure minutes after leaving JFK Airport. None has been >satisfactorily explained. I don't recall any electrical failures mentioned in the Egyptair crash... = >For the past three years a Harvard English professor, Elaine Scarry, has >been investigating the crashes privately and publishing her findings in th= e >erudite New York Review of Books. Ms Scarry=92s meticulously researched >conclusions challenge the entire world of air crash investigation, and are= >little short of sensational. = Or is that sensationalist? See RISKS Volume 20 Issue 8 = http://catless.ncl.ac.uk/Risks/21.08.html#subj9 for a rebuttal of Ms Scarry's work. Conspiracy theorists would no doubt suggest that the NASA scientists involved are part of the coverup. Pete. From mkirwan@baltimore.com Fri, 3 Nov 2000 13:25:46 -0000 Date: Fri, 3 Nov 2000 13:25:46 -0000 From: Mary Kirwan mkirwan@baltimore.com Subject: EMI plans crashes and "national security" Ian, You are scaring the living daylights out of me..... and I hate flying. Mary K -----Original Message----- From: Ian Brown [mailto:I.Brown@cs.ucl.ac.uk] Sent: Friday, November 03, 2000 1:16 PM To: ukcrypto Cc: g11; Simon Davies Subject: EMI plans crashes and "national security" Why flying will never be the same again by SIMON JENKINS The Times, Friday 3 November http://www.thetimes.co.uk/article/0,,29471,00.html ... I do not hold with Bermuda Triangles, but I did cock an ear when I heard that all of America's three big air disasters of the past four years could be traced to one patch of sky off Long Island. The first was of a TWA Boeing on July 17, 1996, the second a Swissair MD-11 on September 2, 1998, and the third an EgyptAir jet on October 31 last year. A total of 676 people died in these accidents. Each plane was of different design. Each crash followed an electronic failure minutes after leaving JFK Airport. None has been satisfactorily explained. For the past three years a Harvard English professor, Elaine Scarry, has been investigating the crashes privately and publishing her findings in the erudite New York Review of Books. Ms Scarry's meticulously researched conclusions challenge the entire world of air crash investigation, and are little short of sensational. She attributes these crashes - and possibly many others - to the under-researched phenomenon of electromagnetic interference (EMI). It is fear of this phenomenon which now forces us to turn off mobile phones in flight. The possible impact of EMI in the Long Island crashes was downplayed by the investigators, partly because it intruded on the secrecies of national defence and partly because what science does not fully understand it prefers to disregard. After reading Ms Scarry I have no doubt. If these planes were American and had crashed off the coast of Britain, Americans would be screaming blue murder and banning all flights from British airspace.... Perhaps the answer to these questions is too awful to contemplate. Defence is a realm of State sovereignty that it is so secretive yet potent that no politician dares question its recklessness. Only a determined private citizen does that. Could it be that American soldiers are, however unintentionally, subjecting passenger airplanes to the electronic equivalent of anti- aircraft flak? Few are gunned down. On the balance of risk, I am still happy to fly to America. But when I next pass through "the Long Island triangle" I shall raise a trembling glass in homage to St Christopher. From davidh@spidacom.co.uk Fri, 3 Nov 2000 14:39:22 -0000 Date: Fri, 3 Nov 2000 14:39:22 -0000 From: David Hansen davidh@spidacom.co.uk Subject: GPL in the UK On 3 Nov 00, at 11:39, Owen Lewis wrote: > The latitude > historically afforded to C&E is still grasped with both hands It's not often I agree with you Owen, but I consider this bunch of arrogant perverts to be a threat to society. > Whatever else, NHS patients' records should be kept from the DHSS There is no such organisation. (Ill)health was split off from the social "security" lot some time ago. The latter is now part of the Department for Education, Training and Employment. > In my view, some of the activities of C&E straddle the boundary of > what should be tolerable in a well managed nation. I do not like much > of what it does but, try as I may, I cannot come up with much of an > improving idea without first both reducing and reorganising the > taxation of trade by the state. Much of what the customs perverts do is pointless. Much of it should simply not be done and society would then be far better off. The "war" against drugs for example is just a way of maintaining large numbers of otherwise unemployable people in a job creation scheme and transferring large amounts of money to very nasty criminals. Preventing the terminal decline of society by preventing "pornographic" images showing erect penises being brought into the UK would be laughable, were it not so pointless and such a waste of my money. The one or two things customs perverts do that are of use to society could be transferred to other organisations that are not above any restraint by the law or common decency. One of the few useful things customs perverts do is deter the importation of certain animal products from endangered species. Tax should be collected by the tax authorities, as part of the combined tax and benefits system the Labour Party talk about in opposition but never do in government. This then leaves us with the difficult problem of what to do with the customs perverts. Personally I'm not that much of a liberal in this respect. Perverts are perverts and they have probably had their morals damaged too much by being involved in a perverted arm of government to make it possible for them to be reformed into moral members of society. To protect society from these perverts they can either be housed at at large expense for the rest of their lives or eradicated along with other cockroaches. I prefer the latter approach and think the camp at Treblinka would be a useful model for a final solution to customs perverts. The latter paragraph is not as tongue in cheek as some may think. David Hansen | davidh@spidacom.co.uk | PGP email preferred Edinburgh | CI$ number 100024,3247 | key number F566DA0E From I.Brown@cs.ucl.ac.uk Fri, 03 Nov 2000 14:43:48 +0000 Date: Fri, 03 Nov 2000 14:43:48 +0000 From: Ian BROWN I.Brown@cs.ucl.ac.uk Subject: EMI plans crashes and "national security" Mark Kirwan wrote: >You are scaring the living daylights out of me..... and I hate flying. >From the Risks article Pete Bentley posted, I don't think there's too much to actually be scared about this time... "This much energy must be available from EM fields outside the aircraft in order for it to be available inside the aircraft. It turns out to be a factor of 6.8 million times higher than that available on the outside of TWA 800 from the most significant emitter. And none of the emitters in the region of TWA 800 were known to be anywhere within the region of Swissair 111. A land-based emitter capable of creating this kind of field in the region of the route of flight of Swissair 111 is out of the question. Moreover, if the code results for TWA 800 are anything to go by, this energy estimate could well be orders of magnitude too low. We consider this result to refute the proposal of Ms. Scarry that external EMI could have caused the wiring fire in Swissair 111." http://catless.ncl.ac.uk/Risks/21.08.html#subj9 Ian :0) (who also flies over that corridor too often!) From I.Brown@cs.ucl.ac.uk Fri, 03 Nov 2000 14:46:08 +0000 Date: Fri, 03 Nov 2000 14:46:08 +0000 From: Ian BROWN I.Brown@cs.ucl.ac.uk Subject: EMI plans crashes and "national security" Pete Bentley wrote: >Not sure where the crypto relevance is, but I just found it fascinating that the general paranoid atmosphere of this list about national security was spreading to ex-Times editors ;) From owenfb@easynet.co.uk Fri, 03 Nov 2000 14:48:55 +0000 Date: Fri, 03 Nov 2000 14:48:55 +0000 From: Owen Blacker owenfb@easynet.co.uk Subject: GCHQ move costs quintuple to £300m > THE SUN SAYS: no wonder we're paying through the nose for petrol > tax. GCHQ's > budget has to come from somewhere. Petrol tax?! WTF?! :o) ----- Owen Blacker Senior Internet Developer and Internet Security Consultant I now have new PGP keys -- qv http://www.owens-place.org.uk/pgp.html Sig 0x00036874 | d39f b776 fa20 c125 b0e2 aa6d 555e 4126 0003 6874 This message was sent by Easymail - http://www.easynet.co.uk/ From mkirwan@baltimore.com Fri, 3 Nov 2000 15:09:22 -0000 Date: Fri, 3 Nov 2000 15:09:22 -0000 From: Mary Kirwan mkirwan@baltimore.com Subject: EMI plans crashes and "national security" Thanks Ian! Mary -----Original Message----- From: Ian BROWN [mailto:I.Brown@cs.ucl.ac.uk] Sent: Friday, November 03, 2000 2:44 PM To: ukcrypto@chiark.greenend.org.uk Cc: o.hodson@cs.ucl.ac.uk; simon.jenkins@thetimes.co.uk Subject: Re: EMI plans crashes and "national security" Mark Kirwan wrote: >You are scaring the living daylights out of me..... and I hate flying. >From the Risks article Pete Bentley posted, I don't think there's too much to actually be scared about this time... "This much energy must be available from EM fields outside the aircraft in order for it to be available inside the aircraft. It turns out to be a factor of 6.8 million times higher than that available on the outside of TWA 800 from the most significant emitter. And none of the emitters in the region of TWA 800 were known to be anywhere within the region of Swissair 111. A land-based emitter capable of creating this kind of field in the region of the route of flight of Swissair 111 is out of the question. Moreover, if the code results for TWA 800 are anything to go by, this energy estimate could well be orders of magnitude too low. We consider this result to refute the proposal of Ms. Scarry that external EMI could have caused the wiring fire in Swissair 111." http://catless.ncl.ac.uk/Risks/21.08.html#subj9 Ian :0) (who also flies over that corridor too often!) From donald@ramsbottom.co.uk Fri, 03 Nov 2000 16:16:27 +0000 Date: Fri, 03 Nov 2000 16:16:27 +0000 From: Donald Ramsbottom donald@ramsbottom.co.uk Subject: GPL in the UK >I've always been puzzled by one thing in this type of scenario (as >regards the police as well). Don't the PACE codes of practice say >that search warrants have to be executed during normal business hours >if possible? C&E are not really bound by PACE it's a police thing. As has been pointed out the powers of C&E derive from the powers they had to catch Brandy smugglers in days of yore, when there were regular "shoot outs" on beaches and in fishing villages. Their draconian powers were granted because they were dealing with tax evaders and the state has always dealt very harshly with people who try to evade payment due to it (not exclusive to UK of course all Govts. are the same in this respect, whether dictatorship, democracy, theocracy or whatever). > >I can understand that there will be situations where someone might get >shot if the person wasn't taken by surprise. But if someone is >suspected of a VAT fraud, a night time visit would seem to be a clear >breach of the codes of practice if not the law as such. Old habits die hard, and of course, getting the nasty smuggler/tax evader and "all requisite evidence" by means of a an exciting midnight jaunt is one of the perks of the job ;) > >Of course, Customs can enter without a search warrant, but that is a >separate issue. Actually that one could be a breach of the Human >Rights Act now. Yep could be, but the chances that it would be upheld are fairley remote! All EC Govts.tax collectors and customs people have similar powers and the chances that they would let their judges remove some power from them are remote. Govt. is about power, getting it and holding on to it. Money is power and an ability to ride rough shod over the citizen to get it is an essential element of power. If you don't believe me just look at the alleged "warplans" being drawn up in the possible fuel duty dispute (and it's excise duty on fuel), his Toniness has chaired meetings with Industry Moghuls, heads of Police, armed forces have been trained, the Police have been instructed to come down "hard" on transgressors (as the Gov sees them) and you can bet your bottom dollar that the security servicers have been working overtime keeping tabs on the ringleaders and their associate and especially their comms. HMG has not shrunk from wheeling out ministers to tell dire tales of the "possible" effect on health, education and other welfare services. You could almost see the tear in the eye of Al(ua)n (sp) Millburn, and his desperate hope of a quick death of a Granny or two. The order to industry to stockpile and for Joe Public not to panic, and not to do the same as more "important" services have been told to do. His Toniness even cancelled a trip to Russia to sort out some of the finer details. Has HMG acted with such speed and vigour any other issue you care to name? I think not. This one is about money and HMGs "right" to collect it. Of course if the rabble were able to impede HMG by encrypted comms (tries to steer back on topic), then life might be slightly more tricky for HMG, but as has been pointed out GCHQ can waste millions moving over the road and HMG does not bat an eyelid, for GCHQ will be his Toninesses principal weapon, and even RIP may be used who can tell. Will the HRA help anyone when faced with C&E I think not. Donald Ramsbottom LL.B, BA (Hons). RAMSBOTTOM & Co. Solicitors Internet Law & Global Cryptology Law Specialists 5 Seagrove Avenue, Hayling Island, Hants, PO11 9EU, England. Tel (44) (023) 9246 5931 Fax (44) (023)9246 8349 Ramsbottom & Co is regulated by the Law Society in the conduct of investment business Service by Fax or E-Mail NOT Accepted From chl@clw.cs.man.ac.uk Fri, 3 Nov 2000 11:40:16 +0000 (GMT) Date: Fri, 3 Nov 2000 11:40:16 +0000 (GMT) From: Charles Lindsey chl@clw.cs.man.ac.uk Subject: RIP questions On Thu, 2 Nov 2000 23:14:40 +0000 (/etc/localtime) Ben Clifford said... > > I was deliberately misunderstanding you. But my question was serious. > If I encrypt a message with your signature key, can you (or anyone else) > or anyone else "get me back" in any way? Only for harrassment. Charles H. Lindsey ---------At Home, doing my own thing------------------------ Email: chl@clw.cs.man.ac.uk Web: http://www.cs.man.ac.uk/~chl Voice/Fax: +44 161 436 6131 Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 From ralf@senderek.de Fri, 3 Nov 2000 17:34:38 +0000 (GMT) Date: Fri, 3 Nov 2000 17:34:38 +0000 (GMT) From: Ralf Senderek ralf@senderek.de Subject: How to comply with RIPA-53 ? (was: Re: How RIP-proof is SSL?) -----BEGIN PGP SIGNED MESSAGE----- > Dave Bird said... >> On the second point, when you say "legally used".... if he points >> out that he can't do some capability, then if it is at all feasible >> for him to get the capability then they serve an order that he >> must get it and they will pay part of the cost. > >There is nothing in the Act authorising them to serve that kind of order. >> >> Richard or Clive might know whether Plod can order you to "save >> all keys relating to session with whoever for a given period." > >Nor that. There is provision for requiring ISPs to install a capability >for interception, but not for decryption. > Are you really sure? What are the reasons for your belief? As I read RIPA (sorry, I'm no lawyer) all depends on the powers to help making Syd "complying" the order. RIPA Section 53 states: "53. - (1) A person to whom a section 49 notice has been given is guilty of an offence if he knowingly fails, in accordance with the notice, to make the disclosure required by virtue of the giving of the notice." and: "53. - (4) In proceedings against any person for an offence under this section it shall be a defence for that person to show- (a) that it was not reasonably practicable for him to make the disclosure required by virtue of the giving of the section 49 notice before the time by which he was required, in accordance with that notice, to make it; but (b) that he did make that disclosure as soon after that time as it was reasonably practicable for him to do so." If Syd was unequivocally informed by Plod that he wishes to have all communications with Alice "disclosed" Syd has to comply with this order to avoid unwanted laziness. (a) would come in handy saying "Sorry, I don't have the propper equipment to comply with the order", but this would only work as a first excuse, because (b) would force him to do his best to employ improved software to be able to successfully comply with the order in future. And I'm sure the government-certified update is up and waiting. It seems to me that if we trust in the ability of SSL-implementations to forget any session key immediately after closing the connection we are hoping to block the politically motivated will to access encrypted information "intelligibly" with technical means. I fear that this would not really work in the end. And the end would possibly be the export of RIP to other EU-countries as well. We don't have a technical problem. Ralf Senderek *.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.* * Ralf Senderek * What is privacy * * http://senderek.de * without * * Tel.: 02432-3960 Sandstr. 60 D-41849 Wassenberg * PGP-2.6.3i? * *.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.* -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia Charset: noconv iQCVAwUBOgHKUSmc/oJTgiNJAQH4JQQAuVnUvv4OCZNg1RX4eRbN8Xyq+ugw9S8i 2KMkkmTZD0up9b5fL+1UvQiaIHv9BrJ2SdhSqjludor5yEyDG05UVb8Js1eN8BsG x3PR/Wc1DXPi2pOcjD0dp0DonsWJn4Bl9EZCCEXrd+OVnFsD6PVMhFy7co46WgLs h++s5D7rS+w= =HvNf -----END PGP SIGNATURE----- From wendyg@cix.compulink.co.uk Fri, 3 Nov 2000 17:00 +0000 (GMT) Date: Fri, 3 Nov 2000 17:00 +0000 (GMT) From: Wendy Grossman wendyg@cix.compulink.co.uk Subject: wanted: RIP comment from US company... In-Reply-To: <1.5.4.32.20001103161627.00fffb34@192.168.0.65> Is there anyone on the list working for an American company doing business in the UK who could comment on RIP's impact on American businesses? It's for an article for a US business magazine. Much obliged, etc., to anyone who can respond before close of business Monday (California time). wg Wendy M. Grossman +44 (208) 948 3784 http://www.pelicancrossing.net From peter.fairbrother@ntlworld.com Fri, 03 Nov 2000 19:35:09 +0000 Date: Fri, 03 Nov 2000 19:35:09 +0000 From: Peter Fairbrother peter.fairbrother@ntlworld.com Subject: RIP questions on 2/11/00 9:46 am, Charles Lindsey at chl@clw.cs.man.ac.uk wrote: > On Wed, 1 Nov 2000 23:37:46 +0000 (/etc/localtime) > Ben Clifford said... > >> >> On Wed, 1 Nov 2000, Charles Lindsey wrote: >> >>>> If I somehow use somebody's signature key to encrypt information to them, >>>> this then seems to require that they have to give up their key, even if >>>> they intended for it to be used only for signatures? >>> >>> Yes, that is one of the known possibilities. But they "wouldn't" >>> prosecute you in that case, would they? >> >> What could they prosecute me for anyway? I wouldn't be breaking any law >> using someones signature key for encrypting, would I? Or could I be done >> for some form of harrasment (if such laws exist - I don't know, I just >> live here) > > What I meant was that they "wouldn't" prosecute the person unwittingly > receiving the communication, because they are all nice decent chaps, and > it wouldn't be cricket, would it? That must be correct, because that is > what the nice Minister said in Committee. Can you give me a reference to what the Minister said please? I am assuming you meant they wouldn't serve a s.49 order, not that they wouldn't prosecute. Peter Freedom is essential if you have enough to eat From benc@hawaga.org.uk Fri, 3 Nov 2000 22:16:56 +0000 (/etc/localtime) Date: Fri, 3 Nov 2000 22:16:56 +0000 (/etc/localtime) From: Ben Clifford benc@hawaga.org.uk Subject: conflict on the 29th Nov Hello. I heard this evening that there is a talk at UCL on 29th Nov at 7pm about "watercasting" - a combination of multicasting and watermarking - put on by the London unix User Group (or some such organisation). This is the same day that the ukcrypto pub meet is on. -- http://www.hawaga.org.uk/c0deZ/globeApplet/ for my rotating world map applet http://www.hawaga.org.uk/benc_key.txt GPG key 0x30F06950 - please use it! http://www.hawaga.org.uk/ben/ my homepage From benc@hawaga.org.uk Fri, 3 Nov 2000 22:29:38 +0000 (/etc/localtime) Date: Fri, 3 Nov 2000 22:29:38 +0000 (/etc/localtime) From: Ben Clifford benc@hawaga.org.uk Subject: another RIP question set... -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 If I somehow become aware of some forced disclosure of a key - say for example an employee of an some organisation illegally tells me that he has disclosed a particular key - is it then illegal for me to tell anybody else? As far as I can see, if I have not been served with a warrant for disclosure of that key, I am not a sec 19.2 person required to keep a secret. Or can Plod get round this by serving a warrant for the same key on me? Or would that merely require me to keep mum about the warrant that had been served on me? -- http://www.hawaga.org.uk/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.1 (GNU/Linux) Comment: PGPEnvelope - http://www.bigfoot.com/~ftobin/resources.html iD8DBQE6Azx0sYXoezDwaVARAismAJ4nf4wgtvZaqbrCU8mxMALSkyxpGACfWbYc onboLOULn3g/gL5wWmRI+Gs= =Y6K3 -----END PGP SIGNATURE----- From chl@clw.cs.man.ac.uk Fri, 3 Nov 2000 19:39:33 +0000 (GMT) Date: Fri, 3 Nov 2000 19:39:33 +0000 (GMT) From: Charles Lindsey chl@clw.cs.man.ac.uk Subject: How to comply with RIPA-53 ? (was: Re: How RIP-proof is SSL?) On Fri, 3 Nov 2000 17:34:38 +0000 (GMT) Ralf Senderek said... > >Nor that. There is provision for requiring ISPs to install a capability > >for interception, but not for decryption. > > > > Are you really sure? What are the reasons for your belief? Because the requirements for imposing obligations of that nature apply only to persons providing public postal or telecommunications services, and then only for the purpose of providing assistance in relation to interception warrants (and "interception" is very specifically defined). See 12(1). > > As I read RIPA (sorry, I'm no lawyer) all depends on the powers to > help making Syd "complying" the order. > > RIPA Section 53 states: > > "53. - (1) A person to whom a section 49 notice has been given > is guilty of an offence if he knowingly fails, in accordance with > the notice, to make the disclosure required by virtue of the > giving of the notice." But Plod has first to prove that Syd had or has the key, and it is a defence to show that he did not possess it at or after the time he received the Notice (and that should be pretty easy to show that if lack of possession arises fromm the normal operation of some well-known software). See 53(2). > > > If Syd was unequivocally informed by Plod that he wishes to have all > communications with Alice "disclosed" Syd has to comply with this > order to avoid unwanted laziness. No, read 50(1). A disclosure requirement only applies to a person (Syd) who, at or after the giving of the Notice, is in possession of the protected information, and of a means of disclosing it in an intelligible form. Syd is not in possession of any such means. Alternatively, if Syd does not have the protected information, then he must disclose any key in his possession at or after the giving of the notice. Now, if you are thinking of a "likely to" notice, which applies to some future communications from ALice, with some as-yet-ungenerated keys, then please read 53(2) again. An offence only arises in respect of a key in Syd's possession _before_ the giving of the Notice. So Plod loses both ways round. If he serves the Notice before the event, the key does not yet exist. If he serves it after the event, then Syd no longer possesses it. Charles H. Lindsey ---------At Home, doing my own thing------------------------ Email: chl@clw.cs.man.ac.uk Web: http://www.cs.man.ac.uk/~chl Voice/Fax: +44 161 436 6131 Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 From benc@hawaga.org.uk Fri, 3 Nov 2000 22:34:33 +0000 (/etc/localtime) Date: Fri, 3 Nov 2000 22:34:33 +0000 (/etc/localtime) From: Ben Clifford benc@hawaga.org.uk Subject: yet more RIP qs -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I am employee of an ISP and a business IT services company where I have administrator priviledges on internal e-mail systems. So, I think I am a person in sec19.2(g,h). So does this prohibit me from ever talking about warrants that I have become aware of - even if they are nothing to do with any of the businesses I am involved in? If I ceased to be employed, could I then talk about warrants that I subsequently became aware of? Could I talk about warrants that I was aware of at the time I was an employee? Or has the fact that I worked for an ISP "tainted " me for life? - -- http://www.hawaga.org.uk/c0deZ/globeApplet/ for my rotating world map applet http://www.hawaga.org.uk/benc_key.txt GPG key 0x30F06950 - please use it! http://www.hawaga.org.uk/ben/ my homepage -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.1 (GNU/Linux) Comment: PGPEnvelope - http://www.bigfoot.com/~ftobin/resources.html iD8DBQE6Az2WsYXoezDwaVARAox0AJ93TbViewy2pZBKQwx2ypZhuxuhPQCfaZzc JY0eESmWMMPT/gn9uHGhOvA= =Ze+9 -----END PGP SIGNATURE----- From owenfb@easynet.co.uk Fri, 3 Nov 2000 22:44:50 -0000 Date: Fri, 3 Nov 2000 22:44:50 -0000 From: Owen Blacker owenfb@easynet.co.uk Subject: another RIP question set... -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 IIRC, anyone told (legally or otherwise) by the recipient of a notice is similarly constrained by its gagging clause, if there is one... O x - ----- Owen Blacker Senior Internet Developer and InfoSec Consultant, pres.co I now have new PGP keys -- see http://www.owens-place.org.uk/pgp.html Sig 0x00036874 | d39f b776 fa20 c125 b0e2 aa6d 555e 4126 0003 6874 - ----- Original Message ----- From: "Ben Clifford" To: Sent: Friday, November 03, 2000 10:29 PM Subject: another RIP question set... > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > If I somehow become aware of some forced disclosure of a key - say > for example an employee of an some organisation illegally tells me > that he has disclosed a particular key - is it then illegal for me > to tell anybody else? > > As far as I can see, if I have not been served with a warrant for > disclosure of that key, I am not a sec 19.2 person required to keep > a secret. > > Or can Plod get round this by serving a warrant for the same key on > me? Or would that merely require me to keep mum about the warrant > that had been served on me? > > > > > -- > http://www.hawaga.org.uk/ > > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.1 (GNU/Linux) > Comment: PGPEnvelope - > http://www.bigfoot.com/~ftobin/resources.html > > iD8DBQE6Azx0sYXoezDwaVARAismAJ4nf4wgtvZaqbrCU8mxMALSkyxpGACfWbYc > onboLOULn3g/gL5wWmRI+Gs= > =Y6K3 > -----END PGP SIGNATURE----- > > > -----BEGIN PGP SIGNATURE----- Version: PGP 7.0 iQA/AwUBOgM/3FVeQSYAA2h0EQJmeACg/nr85+G/qDrm1UjhaUpp1HmAYxcAoIRF kOwPX3GQOhcW96pr2ma1yArA =lNok -----END PGP SIGNATURE----- From benc@hawaga.org.uk Fri, 3 Nov 2000 22:58:31 +0000 (/etc/localtime) Date: Fri, 3 Nov 2000 22:58:31 +0000 (/etc/localtime) From: Ben Clifford benc@hawaga.org.uk Subject: another RIP question set... On Fri, 3 Nov 2000, Owen Blacker wrote: > IIRC, anyone told (legally or otherwise) by the recipient of a notice > is similarly constrained by its gagging clause, if there is one... Indeed, I have now found s54, which says that everyone who becomes aware of "it or its contents" [it == s49 notice], which I missed before. What if someone becomes aware that a particular key has been disclosed, without necessarily knowing that it become disclosed via a s49 notice? If someone says to me "hello. I know that key 0x12345678 has been disclosed" [an illegal act] I then know that this key has been disclosed, but have I become aware of the s49 notice or its contents? If not, then as far as I can see, I can legitimately repeat to others: "hello. I know that key 0x12345678 has been disclosed". -- http://www.hawaga.org.uk/c0deZ/globeApplet/ for my rotating world map applet http://www.hawaga.org.uk/benc_key.txt GPG key 0x30F06950 - please use it! http://www.hawaga.org.uk/ben/ my homepage From peter.fairbrother@ntlworld.com Fri, 03 Nov 2000 23:26:08 +0000 Date: Fri, 03 Nov 2000 23:26:08 +0000 From: Peter Fairbrother peter.fairbrother@ntlworld.com Subject: RIPA and SSA Help? on 1/11/00 6:04 pm, Owen Blacker at owen.blacker@pres.co.uk wrote: > Not having my thinking head on this evening (and, hence, off list > :o) , I may be being unbelievably stupid, but DSS can't really > encrypt /per se/ without it being hacked about with, can it? Still trying to answer. Does anyone know where I can get specs. and math about SSA? I've got loads of comment but that's all. Sorry if it's a neo question, I'm a mathematician with a hobby not a practising cryptographer. on 1/11/00 8:34 pm, Ben Laurie at ben@algroup.co.uk wrote: > Signatures can _always_ be used for encryption, via chaffing and > winnowing. There are examples where it is provably easier to break the signature than to do this, and examples where it is in practice easier to break the encryption without using the secret from the signature, though I wouldn't use them as signature schemes. Results that seem contrary to the 'obvious" information theory answer. As the situation is so complex a definitive proof is lacking, but I personally suspect the information theory is wrong. But here we get into areas where a diet of believing six impossible things before breakfast is no preparation... Peter From peter.fairbrother@ntlworld.com Fri, 03 Nov 2000 23:26:09 +0000 Date: Fri, 03 Nov 2000 23:26:09 +0000 From: Peter Fairbrother peter.fairbrother@ntlworld.com Subject: another RIP question set... on 3/11/00 10:58 pm, Ben Clifford at benc@hawaga.org.uk wrote: > > On Fri, 3 Nov 2000, Owen Blacker wrote: > >> IIRC, anyone told (legally or otherwise) by the recipient of a notice >> is similarly constrained by its gagging clause, if there is one... > > Indeed, I have now found s54, which says that everyone who becomes aware > of "it or its contents" [it == s49 notice], which I missed before. > > What if someone becomes aware that a particular key has been disclosed, > without necessarily knowing that it become disclosed via a s49 notice? > > If someone says to me > "hello. I know that key 0x12345678 has been disclosed" [an illegal act] > I then know that this key has been disclosed, but have I become aware of > the s49 notice or its contents? > If not, then as far as I can see, I can legitimately repeat to others: > "hello. I know that key 0x12345678 has been disclosed". And ISTR from the Parliamentary debate that you can announce to anyone that the key has been compromised. From O.Hodson@cs.ucl.ac.uk Fri, 03 Nov 2000 13:53:32 +0000 Date: Fri, 03 Nov 2000 13:53:32 +0000 From: Orion Hodson O.Hodson@cs.ucl.ac.uk Subject: EMI plans crashes and "national security" What elaine scaryy says is beautifuuly written, but debatable... http://catless.ncl.ac.uk/Risks/21.08.html#subj9 Ian Brown writes: > Why flying will never be the same again > by SIMON JENKINS > The Times, Friday 3 November > http://www.thetimes.co.uk/article/0,,29471,00.html > ... > I do not hold with Bermuda Triangles, but I did cock an ear when I heard > that all of America’s three big airdisasters of the past four years could > be traced to one patch of sky off Long Island. The first was of a TWA Boeing > on July 17, 1996, the second a Swissair MD-11 on September 2, 1998, and the > third an EgyptAir jet on October 31 last year. A total of 676 people died in > these accidents. Each plane was of different design. Each crash followed an > electronic failure minutes after leaving JFK Airport. None has been > satisfactorily explained. > > For the past three years a Harvard English professor, Elaine Scarry, has > been investigating the crashes privately and publishing her findings in the > erudite New York Review of Books. Ms Scarry’s meticulously researched > conclusions challenge the entire world of air crash investigation, and are > little short of sensational. She attributes these crashes — and possibly > many others — to the under-researched phenomenon of electromagnetic > interference (EMI). It is fear of this phenomenon which now forces us to > turn off mobile phones in flight. The possible impact of EMI in the Long > Island crashes was downplayed by the investigators, partly because it > intruded on the secrecies of national defence and partly because what > science does not fully understand it prefers to disregard. After reading Ms > Scarry I have no doubt. If these planes were American and had crashed off > the coast of Britain, Americans would be screaming blue murder and banning > all flights from British airspace.... > > Perhaps the answer to these questions is too awful to contemplate. Defence > is a realm of State sovereignty that it is so secretive yet potent that no > politician dares question its recklessness. Only a determined private > citizen does that. Could it be that American soldiers are, however > unintentionally, subjecting passenger airplanes to the electronic equivalent > of anti- aircraft flak? Few are gunned down. On the balance of risk, I am > still happy to fly to America. But when I next pass through “the Long Island > triangle” I shall raise a trembling glass in homage to St Christopher. > From ben@algroup.co.uk Sat, 04 Nov 2000 13:01:23 +0000 Date: Sat, 04 Nov 2000 13:01:23 +0000 From: Ben Laurie ben@algroup.co.uk Subject: RIPA and SSA Help? Peter Fairbrother wrote: > on 1/11/00 8:34 pm, Ben Laurie at ben@algroup.co.uk wrote: > > > Signatures can _always_ be used for encryption, via chaffing and > > winnowing. > > There are examples where it is provably easier to break the signature than > to do this, and examples where it is in practice easier to break the > encryption without using the secret from the signature, though I wouldn't > use them as signature schemes. Results that seem contrary to the 'obvious" > information theory answer. As the situation is so complex a definitive proof > is lacking, but I personally suspect the information theory is wrong. But > here we get into areas where a diet of believing six impossible things > before breakfast is no preparation... Sorry, I didn't understand that at all ... any chance of saying it more verbosely? Cheers, Ben. -- http://www.apache-ssl.org/ben.html "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff From jya@pipeline.com Sat, 04 Nov 2000 08:08:26 -0500 Date: Sat, 04 Nov 2000 08:08:26 -0500 From: John Young jya@pipeline.com Subject: EMI plans crashes and "national security" First, a tie of EMI to the purpose of this list: The work of Ross and Markus on electromagnetic emanations, TEMPEST and tampering with chips and who knows what else in connection with cryptanalysis via electronic probes and inadverdent EM=20 leakage of information, and no doubt some other sensational stuff not disclosable. There is very long history of highly secret information about EMI and information insecurity, and history as well about the adverse consequences of not disclosing information on=20 the topic. EMI researchers often refer to such history and instances, and the controversy caused among scientists and defense officials. That is what Ms. Scarry found as well, and while she has received much criticism for her lack of scientific credentials, there has been far fewer answers to the concerns raised by reputable scientists=20 from whom she received top-quality EMI analysis. There are within the EMI scientific community vigorous disputes on the matters Ms. Scarry covers, not least over secret information, some of which is national security related, some related to proprietary interests of researchers=20 and corporations. A coincidence not mentioned by Ms. Scarry, nor any other investigation of the Long Island crashes, is that that is the location of Nicolas Tesla's astonishing electromagnetic investigations in the early part of the century, some of which also got him into deep trouble with the US government and which involved fierce battles for economic control of cutting-edge technology -- battles which he lost, though some of his research was expropriated by the USG and is allegedly still classified. (Tesla's lower Manhattan lab was shut by municipal officials for excessively shaking the neighborhood when he fired his gigantic, thunderous electro-arcs. He adored being called a mad scientist and demonstrating the use of his body as a conductor of terrifyin voltage.) The other coincidence, and hang on to your conspiracy seat belt, is the Brookhaven National Laboratory is located in the same area, and there have been decades-long allegations of top secret electromagnetic research there which has adversely affected the region. Some of these allegations are available on the Internet and go well beyond what Ms. Scarry, by comparison, reasonably and modestly claims. Finally, some of the scientists Ms. Scarry relies upon for her story, claim that due to secrecy restrictions, she has been told only the surface of the facts of lethal, ever-leaking EMI. At 01:53 PM 11/3/00 +0000, you wrote: > >What elaine scaryy says is beautifuuly written, but debatable... > > http://catless.ncl.ac.uk/Risks/21.08.html#subj9 > > >Ian Brown writes: >> Why flying will never be the same again >> by SIMON JENKINS >> The Times, Friday 3 November >> http://www.thetimes.co.uk/article/0,,29471,00.html >> ... >> I do not hold with Bermuda Triangles, but I did cock an ear when I heard >> that all of America=92s three big airdisasters of the past four years= could >> be traced to one patch of sky off Long Island. The first was of a TWA Boeing >> on July 17, 1996, the second a Swissair MD-11 on September 2, 1998, and= the >> third an EgyptAir jet on October 31 last year. A total of 676 people died in >> these accidents. Each plane was of different design. Each crash followed= an >> electronic failure minutes after leaving JFK Airport. None has been >> satisfactorily explained. >>=20 >> For the past three years a Harvard English professor, Elaine Scarry, has >> been investigating the crashes privately and publishing her findings in= the >> erudite New York Review of Books. Ms Scarry=92s meticulously researched >> conclusions challenge the entire world of air crash investigation, and= are >> little short of sensational. She attributes these crashes =97 and= possibly >> many others =97 to the under-researched phenomenon of electromagnetic >> interference (EMI). It is fear of this phenomenon which now forces us to >> turn off mobile phones in flight. The possible impact of EMI in the Long >> Island crashes was downplayed by the investigators, partly because it >> intruded on the secrecies of national defence and partly because what >> science does not fully understand it prefers to disregard. After reading= Ms >> Scarry I have no doubt. If these planes were American and had crashed off >> the coast of Britain, Americans would be screaming blue murder and= banning >> all flights from British airspace.... >>=20 >> Perhaps the answer to these questions is too awful to contemplate.= Defence >> is a realm of State sovereignty that it is so secretive yet potent that= no >> politician dares question its recklessness. Only a determined private >> citizen does that. Could it be that American soldiers are, however >> unintentionally, subjecting passenger airplanes to the electronic equivalent >> of anti- aircraft flak? Few are gunned down. On the balance of risk, I am >> still happy to fly to America. But when I next pass through =93the Long Island >> triangle=94 I shall raise a trembling glass in homage to St Christopher. >>=20 >=20 From chl@clw.cs.man.ac.uk Sat, 4 Nov 2000 17:40:32 +0000 (GMT) Date: Sat, 4 Nov 2000 17:40:32 +0000 (GMT) From: Charles Lindsey chl@clw.cs.man.ac.uk Subject: yet more RIP qs On Fri, 3 Nov 2000 22:34:33 +0000 (/etc/localtime) Ben Clifford said... > > > I am employee of an ISP and a business IT services company where I have > administrator priviledges on internal e-mail systems. So, I think I am a > person in sec19.2(g,h). So does this prohibit me from ever talking about > warrants that I have become aware of - even if they are nothing to do > with any of the businesses I am involved in? It is certainly clear that any employee of an ISP is presumed to be aware that he must NEVER say anything about any warrant (note that this is automatic for warrrants - there is no separate tipping off to be apecified as with a S49 notice). Ignorance of the law is presumably no excuse. > > If I ceased to be employed, could I then talk about warrants that I > subsequently became aware of? Could I talk about warrants that I was aware > of at the time I was an employee? Or has the fact that I worked for an > ISP "tainted " me for life? I think the lawyers on this list had better answer that one. On Fri, 3 Nov 2000 22:58:31 +0000 (/etc/localtime) Ben Clifford said... > Indeed, I have now found s54, which says that everyone who becomes aware > of "it or its contents" [it == s49 notice], which I missed before. > > What if someone becomes aware that a particular key has been disclosed, > without necessarily knowing that it become disclosed via a s49 notice? Then I think it is OK, so long as you are quite sure that you are not aware of the notice or of its contents - clearly you are skating on thinnish ice. Charles H. Lindsey ---------At Home, doing my own thing------------------------ Email: chl@clw.cs.man.ac.uk Web: http://www.cs.man.ac.uk/~chl Voice/Fax: +44 161 436 6131 Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 From chl@clw.cs.man.ac.uk Sat, 4 Nov 2000 17:30:31 +0000 (GMT) Date: Sat, 4 Nov 2000 17:30:31 +0000 (GMT) From: Charles Lindsey chl@clw.cs.man.ac.uk Subject: RIP questions On Fri, 03 Nov 2000 19:35:09 +0000 Peter Fairbrother said... > > on 2/11/00 9:46 am, Charles Lindsey at chl@clw.cs.man.ac.uk wrote: > > > What I meant was that they "wouldn't" prosecute the person unwittingly > > receiving the communication, because they are all nice decent chaps, and > > it wouldn't be cricket, would it? That must be correct, because that is > > what the nice Minister said in Committee. > > Can you give me a reference to what the Minister said please? I am assuming > you meant they wouldn't serve a s.49 order, not that they wouldn't > prosecute. > Ooh! That was way back (Charles Clarke in the Commons, I think). I don't really want to download the whole of Hansard again, but I am pretty sure the point came up and that was the answer. That was certainly the style of the answer for several such questions. On Fri, 03 Nov 2000 23:26:09 +0000 Peter Fairbrother said... > And ISTR from the Parliamentary debate that you can announce to anyone that > the key has been compromised. Yes, that was certainly said, and by the Home Office before the debate too. It was actually said in the context of revoking a key. We shall have to see whether they repeat it in the Code of Practice. Charles H. Lindsey ---------At Home, doing my own thing------------------------ Email: chl@clw.cs.man.ac.uk Web: http://www.cs.man.ac.uk/~chl Voice/Fax: +44 161 436 6131 Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 From davidh@spidacom.co.uk Sat, 4 Nov 2000 17:46:48 -0000 Date: Sat, 4 Nov 2000 17:46:48 -0000 From: David Hansen davidh@spidacom.co.uk Subject: EMI plans crashes and "national security" On 4 Nov 00, at 8:08, John Young wrote: > There is very long history of highly secret information about > EMI and information insecurity, and history as well about > the adverse consequences of not disclosing information on > the topic. Indeed. However the UK government did lift the lid on these issues in the 1980s when it told private industry and the public about the subject. This caused a stir in the media at the time with banks being shown to be particularly complacent. Private industry should have developed their thinking in this area from what was disclosed, but don't seem to have done so. Indeed they seem to have forgotten what the government told them. Those people with some knowledge of the subject from the government side will no doubt remember the time, with concerns over what had been released and what had not. David Hansen | davidh@spidacom.co.uk | PGP email preferred Edinburgh | CI$ number 100024,3247 | key number F566DA0E From ralf@senderek.de Sat, 4 Nov 2000 20:49:53 +0000 (GMT) Date: Sat, 4 Nov 2000 20:49:53 +0000 (GMT) From: Ralf Senderek ralf@senderek.de Subject: How to comply with RIPA-53 ? (was: Re: How RIP-proof is SSL?) -----BEGIN PGP SIGNED MESSAGE----- > > Charles Lindsey wrote: > > Now, if you are thinking of a "likely to" notice, which applies to some > future communications from ALice, with some as-yet-ungenerated keys, > then please read 53(2) again. An offence only arises in respect of a key > in Syd's possession _before_ the giving of the Notice. So Plod loses > both ways round. If he serves the Notice before the event, the key does > not yet exist. If he serves it after the event, then Syd no longer > possesses it. > I agree that for all communications before the giving of the notice Syd has to comply only in giving away his secret key(s) used to recover the long-forgotten session key(s) if he still has one of them. A speedy replacement of asymmetric keys would be sufficient to solve this problem. But RIPA defines the term "relevant time" very precisely, so that Syd will problably get into possession of a new session key and the information as well during this period since the giving of the notice (yesterday) and the time by which Syd has to comply with the notice (tomorrow). I think forgetting the session key and replacing the asymmetric keys will be of no use then. In this case he has to show (53-4) "that it was not reasonably practicable for him to make the disclosure ". And Plod will sure be helpful that his capabilities will have improved drastically next time a notice is comming in. To think it is possible to arrange that Plod is always losing may be deceptive. Ralf *.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.* * Ralf Senderek * What is privacy * * http://senderek.de * without * * Tel.: 02432-3960 Sandstr. 60 D-41849 Wassenberg * PGP-2.6.3i? * *.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.*.* -----BEGIN PGP SIGNATURE----- Version: 2.6.3ia Charset: noconv iQCVAwUBOgR2ZSmc/oJTgiNJAQF2hwP+JjzO+2chFCmLmD+O7f4aO1qUcT76QusQ 1YZOPDyXHKc7c/Lwfi/tBwPeyCU3t3WaYZ0DngT4wbN3sipmA+F2qtjyGIrjKCRc mPMLmgrSA3INArGj8tBt8bEh403VEHipBRqlH+NoBitkfTNuruAJ6LdpY1eHHyc4 mrn63/8Fp2Q= =TdoI -----END PGP SIGNATURE----- From mctaylor@privacy.nb.ca Sat, 4 Nov 2000 16:34:32 -0400 (AST) Date: Sat, 4 Nov 2000 16:34:32 -0400 (AST) From: M Taylor mctaylor@privacy.nb.ca Subject: H.R. 2413 Where are the shades of RIP? There is no mention of key recovery, trusted third parties, or key escrow as far as I am aware in this bill. It seems to be more of establishing a U.S. federal guideline for digital signatures and certificate authorities to have compatible standards -- not unlike the standards for notary publics and the legal framework for ink based signatures. Digital signature schemes and CAs need standards to be compatible, in order to become widely adopted. Unless you'd rather use the UPS style of 'stylus on a touch screen' for an "electronic signature" which gains none of the supposed advantages possible with digital signatures (should be harder to forge, and should easier to have a high degree of confidence). -- M Taylor mctaylor@ / privacy.nb.ca On Thu, 2 Nov 2000, Donald Ramsbottom wrote: > Below is a snippet about the Computer Security Enhancement Act. Shades of > RIP accross the Pond. > > The extract is from E-Commerce weekly. > > House Passes Computer Security Enhancement Act of 2000 > On October 24th, the House passed by voice vote the Computer Security > Enhancement Act of 2000 (H.R. 2413). H.R. 2413 would require the National > Institute of Standards and Technology (NIST) to establish voluntary > standards to promote the interoperability of private industry Public Key > Infrastructures (PKIs) with their federal government counterparts, and to > provide guidance to federal agencies for protecting the security and privacy > of sensitive information in federal computer systems. While these basic From peter.fairbrother@ntlworld.com Sat, 04 Nov 2000 22:17:38 +0000 Date: Sat, 04 Nov 2000 22:17:38 +0000 From: Peter Fairbrother peter.fairbrother@ntlworld.com Subject: RIPA and SSA Help? on 4/11/00 1:01 pm, Ben Laurie at ben@algroup.co.uk wrote: > Peter Fairbrother wrote: >> on 1/11/00 8:34 pm, Ben Laurie at ben@algroup.co.uk wrote: >> >>> Signatures can _always_ be used for encryption, via chaffing and >>> winnowing. >> >> There are examples where it is provably easier to break the signature than >> to do this, and examples where it is in practice easier to break the >> encryption without using the secret from the signature, though I wouldn't >> use them as signature schemes. Results that seem contrary to the 'obvious" >> information theory answer. As the situation is so complex a definitive proof >> is lacking, but I personally suspect the information theory is wrong. But >> here we get into areas where a diet of believing six impossible things >> before breakfast is no preparation... > > Sorry, I didn't understand that at all ... any chance of saying it more > verbosely? > > Cheers, All(?) useful signature schemes consist of an algorithm that takes a known piece of data, usually a hash of the document to be signed, and manipulates this with a secret key known only to the signer. The result can be decrypted back to the known data without knowing the secret key. The security of the scheme lies in the difficulty of creating a result that decrypts properly without knowing the secret key. To be useful there must also be a public key, so that more than one person can use the algorithm, and so the algorithm need not be kept secret. From information theory this public key must be related to the private key in some way. To use a signature scheme in reverse to usefully encrypt information requires that the signer can decrypt some cyphertext by using the secret key known to him, without the generator of the cyphertext knowing that secret key. To be useful it is also required that it be easier to decrypt the cyphertext if the secret is known, otherwise everyone has an equal opportunity of decrypting the cyphertext. Therefore the generator must use the public key somehow to encrypt. It seems "obvious" from information theory that knowing the public key makes it possible to devise an encryption that can be decrypted more easily when the private key is known to the decrypter, due to the relationship between the public and the private keys. However, there are examples where it is provably easier to break the relationship and thusly decrypt than to do chaffing and winnowing, and examples where it is in practice easier to decrypt without using the secret key from the signature, which makes the use of the public key (as opposed to any other key) to encrypt pointless. This is not a definitive refutal of the "obvious" conclusion of information theory, however I personally believe that conclusion is wrong. The Alice-in-Wonderland bit comes from considerations of the existance of undetectable and deniable covert channels. If you can't detect them, do they exist? Even though you can transfer information using them? Even if after their ?existance? is revealed they are deniable? Shades of quantum entanglement here. Hope this is verbose (and accurate - slightly out-to-lunch now) enough. Peter Remember, remember > > Ben. > -- > http://www.apache-ssl.org/ben.html > > "There is no limit to what a man can do or how far he can go if he > doesn't mind who gets the credit." - Robert Woodruff "Cash only. No credit today. Credit tomorrow." - The off-licence. From david@swarb.freeuk.com Sat, 4 Nov 2000 07:53:40 +0000 Date: Sat, 4 Nov 2000 07:53:40 +0000 From: David Swarbrick david@swarb.freeuk.com Subject: another RIP question set... In message , Peter Fairbrother writes >on 3/11/00 10:58 pm, Ben Clifford at benc@hawaga.org.uk wrote: > >> >> On Fri, 3 Nov 2000, Owen Blacker wrote: >> >>> IIRC, anyone told (legally or otherwise) by the recipient of a notice >>> is similarly constrained by its gagging clause, if there is one... >> >> Indeed, I have now found s54, which says that everyone who becomes aware >> of "it or its contents" [it == s49 notice], which I missed before. >> >> What if someone becomes aware that a particular key has been disclosed, >> without necessarily knowing that it become disclosed via a s49 notice? >> >> If someone says to me >> "hello. I know that key 0x12345678 has been disclosed" [an illegal act] >> I then know that this key has been disclosed, but have I become aware of >> the s49 notice or its contents? >> If not, then as far as I can see, I can legitimately repeat to others: >> "hello. I know that key 0x12345678 has been disclosed". > >And ISTR from the Parliamentary debate that you can announce to anyone that >the key has been compromised. > Parliamentary answers will count for little. The codes of practice a bit more, but eventually, and always and only, look to the statute. > > > > -- David Swarbrick, Solicitor. Computer and Internet Law and Contracts david@swarb.freeuk.com T: +44(0)1484 722531 F: +44(0)1484 716617 Law-index of 11,400+ case summaries at www.swarb.co.uk From david@swarb.freeuk.com Sat, 4 Nov 2000 07:59:13 +0000 Date: Sat, 4 Nov 2000 07:59:13 +0000 From: David Swarbrick david@swarb.freeuk.com Subject: =?iso-8859-1?q?RE:_GCHQ_move_costs_quintuple_to_=A3300m?= In message <6EF571F3D481D411A10500D0B7883ABC04F759@ntfile.britishchamber .org.uk>, m.sharman@britishchambers.org.uk writes > > Now that is what I call a By-Line!!!!! > > > > How about a snappier article for the Sun: > > GCHQ blows £240m on move Or GCHQ moves £240 m on blow ? -- David Swarbrick, Solicitor. Computer and Internet Law and Contracts david@swarb.freeuk.com T: +44(0)1484 722531 F: +44(0)1484 716617 Law-index of 11,400+ case summaries at www.swarb.co.uk From nbohm@ernest.net Sun, 05 Nov 2000 10:02:23 +0000 Date: Sun, 05 Nov 2000 10:02:23 +0000 From: Nicholas Bohm nbohm@ernest.net Subject: How to comply with RIPA-53 ? (was: Re: How RIP-proof is SSL?) At 07:39 PM 11/3/2000 +0000, Charles Lindsey wrote: [large snip] >Now, if you are thinking of a "likely to" notice, which applies to some >future communications from ALice We should keep an issue alive on this point: it is strongly arguable that a "likely to" notice can only apply to protected information which exists at the time the notice is issued but is not yet in the possession of the relevant person (e.g. because he's on his way to your office with a warrant to seize it); and that it cannot apply to future communications. Regards, Nicholas Bohm Salkyns, Great Canfield, Takeley, Bishop's Stortford CM22 6SX, UK Phone 01279 871272 (+44 1279 871272) Fax 01279 870215 (+44 1279 870215) Mobile 07715 419728 (+44 7715 419728) PGP RSA 1024 bit public key ID: 0x08340015. Fingerprint: 9E 15 FB 2A 54 96 24 37 98 A2 E0 D1 34 13 48 07 PGP DSS/DH 1024/3072 public key ID: 0x899DD7FF. Fingerprint: 5248 1320 B42E 84FC 1E8B A9E6 0912 AE66 899D D7FF From ghira@mistral.co.uk 4 Nov 2000 13:4:24 +0000 Date: 4 Nov 2000 13:4:24 +0000 From: Adam Atkinson ghira@mistral.co.uk Subject: GPL in the UK On 03-Nov-00 11:39:40, Owen Lewis said: >The history of C&E as a bunch of poachers turned gamekeepers extends back at >least to the reciprocal French and English blockades of Napoleonic times. Whereas the Mafia, interestingly, are gamekeepers turned poachers. -- Adam Atkinson (ghira@mistral.co.uk) But what *IS* the internet? It's the largest equivalence class in the reflexive transitive symmetric closure of the relationship "can be reached by an IP packet from". From chl@clw.cs.man.ac.uk Sun, 5 Nov 2000 15:15:36 +0000 (GMT) Date: Sun, 5 Nov 2000 15:15:36 +0000 (GMT) From: Charles Lindsey chl@clw.cs.man.ac.uk Subject: RIPA and SSA Help? On Sat, 04 Nov 2000 22:17:38 +0000 Peter Fairbrother said... > > However, there are examples where it is provably easier to break the > relationship and thusly decrypt than to do chaffing and winnowing, and > examples where it is in practice easier to decrypt without using the secret > key from the signature, which makes the use of the public key (as opposed to > any other key) to encrypt pointless. Please could somebody explain to us what "chaffing and winnowing" means? Charles H. Lindsey ---------At Home, doing my own thing------------------------ Email: chl@clw.cs.man.ac.uk Web: http://www.cs.man.ac.uk/~chl Voice/Fax: +44 161 436 6131 Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 From chl@clw.cs.man.ac.uk Sun, 5 Nov 2000 15:19:27 +0000 (GMT) Date: Sun, 5 Nov 2000 15:19:27 +0000 (GMT) From: Charles Lindsey chl@clw.cs.man.ac.uk Subject: How to comply with RIPA-53 ? (was: Re: How RIP-proof is SSL?) On Sun, 05 Nov 2000 10:02:23 +0000 Nicholas Bohm said... > We should keep an issue alive on this point: it is strongly arguable that > a "likely to" notice can only apply to protected information which exists > at the time the notice is issued but is not yet in the possession of the > relevant person (e.g. because he's on his way to your office with a warrant > to seize it); and that it cannot apply to future communications. Now there's an interesting thought (I had always assumed the contrary). You say it is "arguable". Would you care to start arguing? Charles H. Lindsey ---------At Home, doing my own thing------------------------ Email: chl@clw.cs.man.ac.uk Web: http://www.cs.man.ac.uk/~chl Voice/Fax: +44 161 436 6131 Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 From chl@clw.cs.man.ac.uk Sun, 5 Nov 2000 15:14:18 +0000 (GMT) Date: Sun, 5 Nov 2000 15:14:18 +0000 (GMT) From: Charles Lindsey chl@clw.cs.man.ac.uk Subject: How to comply with RIPA-53 ? (was: Re: How RIP-proof is SSL?) On Sat, 4 Nov 2000 20:49:53 +0000 (GMT) Ralf Senderek said... > > > > > > Charles Lindsey wrote: > > > > Now, if you are thinking of a "likely to" notice, which applies to some > > future communications from ALice, with some as-yet-ungenerated keys, > > then please read 53(2) again. An offence only arises in respect of a key > > in Syd's possession _before_ the giving of the Notice. So Plod loses > > both ways round. If he serves the Notice before the event, the key does > > not yet exist. If he serves it after the event, then Syd no longer > > possesses it. > > > > I agree that for all communications before the giving of the notice > Syd has to comply only in giving away his secret key(s) used to recover > the long-forgotten session key(s) if he still has one of them. A speedy > replacement of asymmetric keys would be sufficient to solve this > problem. Ah! I see! You are saying that 53(1) still applies, even though 53(2) does not. > > But RIPA defines the term "relevant time" very precisely, so that > Syd will problably get into possession of a new session key and the > information as well during this period since the giving of the notice > (yesterday) and the time by which Syd has to comply with the > notice (tomorrow). So at some point of time today Syd was in possession of the ephemeral session key, the protected information came into his computer, was decrypted (to reveal Alice's credit card number) and then discarded. The credit card number was used for whatever purpose, but Plod will need a search warrant to look inside Syd's computer to see what was done with that, because that was nothing to do with communications. So, for a few seconds, Syd was in possession of the key plus such bits of the protected information as were being decrytped during that time. But he has no means of obtaining access to it in that state (he can access the decrypted credit card number later on in some other part of his system, but that is irrelevant to the present purpose). So S50(1) does not apply. Oddly enough, S50(3) makes no provision for the case where Syd has the key and the protected information, but no means for applying the one to the other. So we have to suppose that Plod has declared a "special circumstance". So you are saying that Syd is then required to disclose the session key during those few seconds, as soon as it becomes available, because that is what the Notice said. The Act indeed takes no account of the fact that he has no means to do this (and the Courts would likely take a dim view of that - I doubt it would stand up under the Human Rights legislation). Or else, Syd has to rely on 53(4). > I think forgetting the session key and replacing the > asymmetric keys will be of no use then. In this case he has to show > (53-4) "that it was not reasonably practicable for him to make the > disclosure ". And Plod will sure be helpful that his capabilities > will have improved drastically next time a notice is comming in. But there is NO requirement in the Act for Syd to accept assistance from Plod. Plod might supply Syd with a program to do the job, but Syd is noway obliged to run Plod's program (who knows what sort of virus or trojan it might contain?). And the Home Office repeatedly said beforehand that people could use any cryptographic algorithms of their choice, and I would normally interpret that as meaning any implementation thereof of their choice. Charles H. Lindsey ---------At Home, doing my own thing------------------------ Email: chl@clw.cs.man.ac.uk Web: http://www.cs.man.ac.uk/~chl Voice/Fax: +44 161 436 6131 Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 From chl@clw.cs.man.ac.uk Sun, 5 Nov 2000 15:14:18 +0000 (GMT) Date: Sun, 5 Nov 2000 15:14:18 +0000 (GMT) From: Charles Lindsey chl@clw.cs.man.ac.uk Subject: How to comply with RIPA-53 ? (was: Re: How RIP-proof is SSL?) On Sat, 4 Nov 2000 20:49:53 +0000 (GMT) Ralf Senderek said... > > > > > > Charles Lindsey wrote: > > > > Now, if you are thinking of a "likely to" notice, which applies to some > > future communications from ALice, with some as-yet-ungenerated keys, > > then please read 53(2) again. An offence only arises in respect of a key > > in Syd's possession _before_ the giving of the Notice. So Plod loses > > both ways round. If he serves the Notice before the event, the key does > > not yet exist. If he serves it after the event, then Syd no longer > > possesses it. > > > > I agree that for all communications before the giving of the notice > Syd has to comply only in giving away his secret key(s) used to recover > the long-forgotten session key(s) if he still has one of them. A speedy > replacement of asymmetric keys would be sufficient to solve this > problem. Ah! I see! You are saying that 53(1) still applies, even though 53(2) does not. > > But RIPA defines the term "relevant time" very precisely, so that > Syd will problably get into possession of a new session key and the > information as well during this period since the giving of the notice > (yesterday) and the time by which Syd has to comply with the > notice (tomorrow). So at some point of time today Syd was in possession of the ephemeral session key, the protected information came into his computer, was decrypted (to reveal Alice's credit card number) and then discarded. The credit card number was used for whatever purpose, but Plod will need a search warrant to look inside Syd's computer to see what was done with that, because that was nothing to do with communications. So, for a few seconds, Syd was in possession of the key plus such bits of the protected information as were being decrytped during that time. But he has no means of obtaining access to it in that state (he can access the decrypted credit card number later on in some other part of his system, but that is irrelevant to the present purpose). So S50(1) does not apply. Oddly enough, S50(3) makes no provision for the case where Syd has the key and the protected information, but no means for applying the one to the other. So we have to suppose that Plod has declared a "special circumstance". So you are saying that Syd is then required to disclose the session key during those few seconds, as soon as it becomes available, because that is what the Notice said. The Act indeed takes no account of the fact that he has no means to do this (and the Courts would likely take a dim view of that - I doubt it would stand up under the Human Rights legislation). Or else, Syd has to rely on 53(4). > I think forgetting the session key and replacing the > asymmetric keys will be of no use then. In this case he has to show > (53-4) "that it was not reasonably practicable for him to make the > disclosure ". And Plod will sure be helpful that his capabilities > will have improved drastically next time a notice is comming in. But there is NO requirement in the Act for Syd to accept assistance from Plod. Plod might supply Syd with a program to do the job, but Syd is noway obliged to run Plod's program (who knows what sort of virus or trojan it might contain?). And the Home Office repeatedly said beforehand that people could use any cryptographic algorithms of their choice, and I would normally interpret that as meaning any implementation thereof of their choice. Charles H. Lindsey ---------At Home, doing my own thing------------------------ Email: chl@clw.cs.man.ac.uk Web: http://www.cs.man.ac.uk/~chl Voice/Fax: +44 161 436 6131 Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 From I.Brown@cs.ucl.ac.uk Sun, 05 Nov 2000 15:54:06 +0000 Date: Sun, 05 Nov 2000 15:54:06 +0000 From: Ian BROWN I.Brown@cs.ucl.ac.uk Subject: RIPA and SSA Help? >Please could somebody explain to us what "chaffing and winnowing" means? See Ron Rivest's paper at http://theory.lcs.mit.edu/~rivest/chaffing-980701.txt Basically, it says that any signature scheme can be used to encrypt data. All you do is send some "wheat" (the real info) and lots of chaff (cover traffic). The wheat is signed using a symmetric authentication key shared between the communicating parties; the chaff is not. So Jack the eavesdropper sees a stream like: 0100 1000 0101 0111 0100 Only the recipient knows that 0111's signature (not shown here!) verifies correctly; the other bits of data don't, and so are discarded. There are some further improvements in Ron's paper, but that is the gist of the scheme. Ian :) From benc@hawaga.org.uk Sun, 5 Nov 2000 15:56:54 +0000 (/etc/localtime) Date: Sun, 5 Nov 2000 15:56:54 +0000 (/etc/localtime) From: Ben Clifford benc@hawaga.org.uk Subject: RIPA and SSA Help? -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > Please could somebody explain to us what "chaffing and winnowing" means? Chaff is the part of wheat that you don't want. Winnowing is the process of removing the chaff. You split your message into many blocks and append each block with a message authentication code. Then you mix your blocks into a stream of incorrectly authenticated blocks - the "chaff". To decrypt the stream, I need to be able to check the MACs - if I (or Enema) can't do this, then I (or her) have no way of knowing which blocks are data and which are chaff. If the MAC involves some form of shared secret, then an attacker cannot easily remove the chaff without knowing the shared secret. So an stream might be: send me 1 loaf of bread to location A, 96043865 send me 3 loaves of bread to location B, 765343 send me 1 loaf of bread to location B, 4723952 send me 2 loaves of bread to location A, 547375934 Enema can read all four of those messages, but she doesn't know which of them (if any) is actual data, because she cannot check the MACs. So she has to send the bread police to location A *and* to location B, and maybe only one loaf of bread will be delivered, which is specifically permitted under section 3 of the Bread Act of 1897. Ron Rivest has a paper at: http://www.toc.lcs.mit.edu/~rivest/chaffing.txt One can argue that you have not encrypted your order for bread as you have transmitted the actual message "in the clear". Whether this would count as encryption or not under UK law, I cannot say. Hope this is of some help. Ben - -- http://www.hawaga.org.uk/c0deZ/globeApplet/ for my rotating world map applet http://www.hawaga.org.uk/benc_key.txt GPG key 0x30F06950 - please use it! http://www.hawaga.org.uk/ben/ my homepage -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.1 (GNU/Linux) Comment: PGPEnvelope - http://www.bigfoot.com/~ftobin/resources.html iD8DBQE6BYOJsYXoezDwaVARAs/FAJ9NY6y1LN5YN+tYZ5MvdqzPnmbZugCfdjnc LrjiajsEKemRxDqUxl9P/Ro= =oRWs -----END PGP SIGNATURE----- From peter.fairbrother@ntlworld.com Sun, 05 Nov 2000 01:55:29 +0000 Date: Sun, 05 Nov 2000 01:55:29 +0000 From: Peter Fairbrother peter.fairbrother@ntlworld.com Subject: another RIP question set... on 4/11/00 7:53 am, David Swarbrick at david@swarb.freeuk.com wrote: > In message , Peter > Fairbrother writes >> on 3/11/00 10:58 pm, Ben Clifford at benc@hawaga.org.uk wrote: >> >>> >>> On Fri, 3 Nov 2000, Owen Blacker wrote: >>> >>>> IIRC, anyone told (legally or otherwise) by the recipient of a notice >>>> is similarly constrained by its gagging clause, if there is one... >>> >>> Indeed, I have now found s54, which says that everyone who becomes aware >>> of "it or its contents" [it == s49 notice], which I missed before. >>> >>> What if someone becomes aware that a particular key has been disclosed, >>> without necessarily knowing that it become disclosed via a s49 notice? >>> >>> If someone says to me >>> "hello. I know that key 0x12345678 has been disclosed" [an illegal act] >>> I then know that this key has been disclosed, but have I become aware of >>> the s49 notice or its contents? >>> If not, then as far as I can see, I can legitimately repeat to others: >>> "hello. I know that key 0x12345678 has been disclosed". >> >> And ISTR from the Parliamentary debate that you can announce to anyone that >> the key has been compromised. >> > Parliamentary answers will count for little. The codes of practice a bit > more, but eventually, and always and only, look to the statute. >> Isn't there some convention or precedent that says Parliamentary discussion, especially Ministerial Statements made before the passing of an Act regarding the interpretation and intention of that Act, is not just admissable for consideration but of more relevance than the exact wording of an Act? That's certainly the understanding of some Members of the House of Lords I was talking to when they passed RIPA. c/f this comment by Charles Lindsey: " What I meant was that they "wouldn't" prosecute the person unwittingly receiving the communication, because they are all nice decent chaps, and it wouldn't be cricket, would it? That must be correct, because that is what the nice Minister said in Committee. " Peter From benc@hawaga.org.uk Sun, 5 Nov 2000 16:07:42 +0000 (/etc/localtime) Date: Sun, 5 Nov 2000 16:07:42 +0000 (/etc/localtime) From: Ben Clifford benc@hawaga.org.uk Subject: RIPA and SSA Help? -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sun, 5 Nov 2000, Ian BROWN wrote: > >Please could somebody explain to us what "chaffing and winnowing" means? > See Ron Rivest's paper at http://theory.lcs.mit.edu/~rivest/chaffing-980701.txt > There are some further improvements in Ron's paper, but that is the gist of > the scheme. There are also some interesting scenarios - for example, an intermediary can encrypt Alice's transmissions to Bob without Alice being aware that her transmission are being encrypted and without Bob being aware that he is decrypting them. Note that I use encrypt and decrypt in a "loose" sense here - the paper claims that encryption and decryption is not taking place. Personally I think that under some interpretations it is taking place. - -- http://www.hawaga.org.uk/c0deZ/globeApplet/ for my rotating world map applet http://www.hawaga.org.uk/benc_key.txt GPG key 0x30F06950 - please use it! http://www.hawaga.org.uk/ben/ my homepage -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.1 (GNU/Linux) Comment: PGPEnvelope - http://www.bigfoot.com/~ftobin/resources.html iD8DBQE6BYXzsYXoezDwaVARAmGkAJ0aOLpjfCstTPUuoWnsyeuz6B2GBgCdHmd/ /kY0qphEbMmzxn2PhqNeKOQ= =fbpp -----END PGP SIGNATURE----- From donald@ramsbottom.co.uk Sun, 05 Nov 2000 16:44:34 +0000 Date: Sun, 05 Nov 2000 16:44:34 +0000 From: Donald Ramsbottom donald@ramsbottom.co.uk Subject: H.R. 2413 At 16:34 04/11/00 -0400, you wrote: > >Where are the shades of RIP? There is no mention of key recovery, trusted >third parties, or key escrow as far as I am aware in this bill. It seems >to be more of establishing a U.S. federal guideline for digital signatures >and certificate authorities to have compatible standards -- not unlike the >standards for notary publics and the legal framework for ink >based signatures. > >Digital signature schemes and CAs need standards to be compatible, in >order to become widely adopted. Unless you'd rather use the UPS style of >'stylus on a touch screen' for an "electronic signature" which gains none >of the supposed advantages possible with digital signatures (should be >harder to forge, and should easier to have a high degree of confidence). > Yep, your right having looked at it, (the bill) rather than a precis, there is nothing in at all that is RIP like. Allegation (unfounded) withdrawn. Mental note, check source material before opening big mouth. Apologies for misleading anyone. Donald Ramsbottom LL.B, BA (Hons). RAMSBOTTOM & Co. Solicitors Internet Law & Global Cryptology Law Specialists 5 Seagrove Avenue, Hayling Island, Hants, PO11 9EU, England. Tel (44) (023) 9246 5931 Fax (44) (023)9246 8349 Ramsbottom & Co is regulated by the Law Society in the conduct of investment business Service by Fax or E-Mail NOT Accepted From nbohm@ernest.net Sun, 05 Nov 2000 16:50:37 +0000 Date: Sun, 05 Nov 2000 16:50:37 +0000 From: Nicholas Bohm nbohm@ernest.net Subject: How to comply with RIPA-53 ? (was: Re: How RIP-proof is SSL?) At 03:19 PM 11/5/2000 +0000, Charles Lindsey wrote: > On Sun, 05 Nov 2000 10:02:23 +0000 > Nicholas Bohm said... > >> We should keep an issue alive on this point: it is strongly arguable that >> a "likely to" notice can only apply to protected information which exists >> at the time the notice is issued but is not yet in the possession of the >> relevant person (e.g. because he's on his way to your office with a warrant >> to seize it); and that it cannot apply to future communications. > >Now there's an interesting thought (I had always assumed the contrary). When attacking a Bill, assume the worst of it so as to make the greatest improvements; when applying the Act, look for the most favourable effect to take advantage of. >You say it is "arguable". Would you care to start arguing? ..................................... 49. - (1) This section applies where any protected information- (a) has come into the possession of any person by means of the exercise of a statutory power to seize, detain, inspect, search or otherwise to interfere with documents or other property, or is likely to do so; ..................................... The argument is that "any protected information" (1) means some particular protected information; otherwise it would have said "... applies where protected information" omitting the "any"; and (independently) (2) must mean the same thing in all parts of the section; and since protected information which has come into the possession of the various persons named must already exist, so must the protected information which is "likely" to do so. Further, (3) statutory powers in relation to obtaining information are potentially an invasion of the HR Convention-protected right to respect for privacy, and must be interpreted so as to be as specific rather than as general as possible to narrow the invasion to the minimum; (4) statutes creating criminal offences are to be interpreted narrowly so as to create the smallest rather than the greatest degree of criminality. Regards, Nicholas Bohm Salkyns, Great Canfield, Takeley, Bishop's Stortford CM22 6SX, UK Phone 01279 871272 (+44 1279 871272) Fax 01279 870215 (+44 1279 870215) Mobile 07715 419728 (+44 7715 419728) PGP RSA 1024 bit public key ID: 0x08340015. Fingerprint: 9E 15 FB 2A 54 96 24 37 98 A2 E0 D1 34 13 48 07 PGP DSS/DH 1024/3072 public key ID: 0x899DD7FF. Fingerprint: 5248 1320 B42E 84FC 1E8B A9E6 0912 AE66 899D D7FF From agl@linuxpower.org Sun, 5 Nov 2000 18:42:51 +0000 Date: Sun, 5 Nov 2000 18:42:51 +0000 From: Adam Langley agl@linuxpower.org Subject: GCHQ move costs quintuple to ?300m --9jxsPFA5p3P2qPhR Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Nov 03, 2000 at 12:23:30PM -0000, Ian Brown wrote: > A RETIRED general was called in to monitor the soaring cost of one of > Britain's shortest military advances: the transfer of GCHQ spy-centre sta= ff > from one side of Cheltenham to the other. There are 2 GCHQ sites in Chelt. One is about 5 minutes walk away from here= =20 and was recently massivly extended with huge new building that extends many floors underground. That site is being completly scrapped. The second site is older and the new GCHQ is being built on the same site. = It's right next door. AGL -- 90% of generation[x] will always think that generation[x+2] are too liberal. --9jxsPFA5p3P2qPhR Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iEYEARECAAYFAjoFqisACgkQzaVS3yy2PWAdyQCePj/JngKG2yvHCaepJhFhaUx3 5j8AoKh+Cxnt+wKJzjbbfCvGU2gPdoHK =cLGv -----END PGP SIGNATURE----- --9jxsPFA5p3P2qPhR-- From jon+ukcrypto@unequivocal.co.uk Sun, 5 Nov 2000 17:54:34 +0000 Date: Sun, 5 Nov 2000 17:54:34 +0000 From: Jon Ribbens jon+ukcrypto@unequivocal.co.uk Subject: another RIP question set... Peter Fairbrother wrote: > Isn't there some convention or precedent that says Parliamentary discussion, > especially Ministerial Statements made before the passing of an Act > regarding the interpretation and intention of that Act, Pepper v Hart - this has come up on this list before. Judges may look at Hansard, but they will generally be reluctant to do so, and will not consider it unless the statute is unclear. > is not just admissable for consideration but of more relevance than > the exact wording of an Act? Absolutely not! A Judge may *never* make a ruling that contradicts the plain wording of an Act of Parliament. Cheers Jon (IANAL) From roland@linx.net Sun, 5 Nov 2000 19:00:59 +0000 Date: Sun, 5 Nov 2000 19:00:59 +0000 From: Roland Perry roland@linx.net Subject: yet more RIP qs In article , Ben Clifford writes >If I ceased to be employed, could I then talk about warrants that I >subsequently became aware of? Non-legal common sense says: only if you can *prove* you heard about them after leaving! If they were dated after you left, and weren't older warrants re-issue, that should be pretty safe. > Could I talk about warrants that I was aware >of at the time I was an employee? Of course not. >Or has the fact that I worked for an >ISP "tainted " me for life? Only regarding what secrets you learnt while employed there. -- Roland Perry | tel: +44 1733 207705 | roland@linx.org Interim CEO | fax: +44 1733 207729 | http://www.linx.net London Internet Exchange | mbl: +44 7050 604080 | /contact/roland From Ian_Miller@singularis.ltd.uk Sun, 5 Nov 2000 16:02:05 +0000 Date: Sun, 5 Nov 2000 16:02:05 +0000 From: Ian Miller Ian_Miller@singularis.ltd.uk Subject: RIPA and SSA Help? Charles Lindsey wrote:- > >Please could somebody explain to us what "chaffing and winnowing" means? > It is either a form of encryption or an alternative to it, depending on your precise definition of encryption. It consists of breaking the message up into small parts and signing them, then mixing in a number of other message fragments with bad signatures. Anyone without the signature verification key is unable to separate the message from the 'chaff'. It was devised by Rivest and his original paper is on-line at http://theory.lcs.mit.edu/~rivest/chaffing.txt Ian -- Ian_Miller FAI-D10204 PGP Fingerprint: 2A20 4610 E596 2740 91B1 95BA CAD3 BC14 Antworten auf Deutsch waeren mir angenehm. From owenfb@easynet.co.uk Sun, 5 Nov 2000 22:44:36 -0000 Date: Sun, 5 Nov 2000 22:44:36 -0000 From: Owen Blacker owenfb@easynet.co.uk Subject: Fw: yet more RIP qs -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Oops, sent from wrong account! :o) - ----- Original Message ----- From: "Owen Blacker" To: Sent: Sunday, November 05, 2000 8:51 PM Subject: Re: yet more RIP qs > All of which is surely no different from any other issue you might > have learnt whilst in someone's employ, not just statutory > secrets... > :o) > > ----- Original Message ----- > From: "Roland Perry" > To: > Sent: Sunday, November 05, 2000 7:00 PM > Subject: Re: yet more RIP qs > > > > In article > , > Ben Clifford writes > > >If I ceased to be employed, could I then talk about warrants > > >that I subsequently became aware of? > > > > Non-legal common sense says: only if you can *prove* you heard > > about them after leaving! If they were dated after you left, and > > weren't older warrants re-issue, that should be pretty safe. > > > > > Could I talk about warrants that I was aware > > > of at the time I was an employee? > > > > Of course not. > > > > > Or has the fact that I worked for an > > > ISP "tainted " me for life? > > > > Only regarding what secrets you learnt while employed there. > -----BEGIN PGP SIGNATURE----- Version: PGP 7.0 iQA/AwUBOgXiwFVeQSYAA2h0EQJsWACg2XPMso5d2AgK7gWQS3JQWronF5AAniIx NxcIZ9iFQBRANQL6jcgMVFee =X6HU -----END PGP SIGNATURE----- From dave@xemu.demon.co.uk Sun, 5 Nov 2000 19:18:01 +0000 Date: Sun, 5 Nov 2000 19:18:01 +0000 From: Dave Bird dave@xemu.demon.co.uk Subject: GPL in the UK -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In message <533.343T1201T7843318ghira@mistral.co.uk>, Adam Atkinson writes >On 03-Nov-00 11:39:40, Owen Lewis said: > >>The history of C&E as a bunch of poachers turned gamekeepers extends back at >>least to the reciprocal French and English blockades of Napoleonic times. > >Whereas the Mafia, interestingly, are gamekeepers turned poachers. OK, I'll bite, in what way were they once "gamekeepers" ? |~/ |~/ ~~|;'^';-._.-;'^';-._.-;'^';-._.-;'^';-._.-;||';-._.-;'^';||_.-;'^'0-|~~ P | Woof Woof, Glug Glug ||____________|| 0 | P O | Who Drowned the Judge's Dog? | . . . . . . . '----. 0 | O O | answers on *---|_______________ @__o0 | O L |_____________|/_______| L www.xemu.demon.co.uk 2B0D 5195 337B A3E6 DDAC BD38 7F2F FD8E 7391 F44F -----BEGIN PGP SIGNATURE----- Version: PGPsdk version 1.7.1 iQA/AwUBOgWyaX8v/Y5zkfRPEQKh9QCgmRku92dtU8TjE6WKhw6EZBxejh0AnjMN jRiUv4WJPL0zewoMWPeYBvHn =CyJB -----END PGP SIGNATURE----- From dave@xemu.demon.co.uk Sun, 5 Nov 2000 19:13:01 +0000 Date: Sun, 5 Nov 2000 19:13:01 +0000 From: Dave Bird dave@xemu.demon.co.uk Subject: How to comply with RIPA-53 ? (was: Re: How RIP-proof is SSL?) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In message , Ralf Senderek writes >But RIPA defines the term "relevant time" very precisely, so that >Syd will problably get into possession of a new session key and the >information as well during this period since the giving of the notice >(yesterday) and the time by which Syd has to comply with the >notice (tomorrow). I think forgetting the session key and replacing the >asymmetric keys will be of no use then. In this case he has to show >(53-4) "that it was not reasonably practicable for him to make the >disclosure ". And Plod will sure be helpful that his capabilities >will have improved drastically next time a notice is comming in. Remember that servers are in many countries, not all of them backward authoritarian dumps like Britain, and that you can chain- or onion- route through several of them. Having said that..... There is very little that can be done once a server node has been corrupted and for as long as it remains corrupted. My questions are: If told to disclose ant messages that arrive through your private service for Fred, is it an alternative to say "I am no longer operating this service it is shut down and off the air." (Then all the messages will bounce and not arrive, so it cannot be said you received something which you had been told to disclose then failed to disclose it). Alternatively I recommend simply withholding confirmation-phrases without telling the thugs, and let them wonder what went wrong. Could you be forced to give a confirmation phrase even if they knew you had it? |~/ |~/ ~~|;'^';-._.-;'^';-._.-;'^';-._.-;'^';-._.-;||';-._.-;'^';||_.-;'^'0-|~~ P | Woof Woof, Glug Glug ||____________|| 0 | P O | Who Drowned the Judge's Dog? | . . . . . . . '----. 0 | O O | answers on *---|_______________ @__o0 | O L |_____________|/_______| L www.xemu.demon.co.uk 2B0D 5195 337B A3E6 DDAC BD38 7F2F FD8E 7391 F44F -----BEGIN PGP SIGNATURE----- Version: PGPsdk version 1.7.1 iQA/AwUBOgWxPH8v/Y5zkfRPEQLtIgCg426nGOpGNr7NGVhGJUBAroiYqjIAmgJh uekF1vU225GPsLSamGh1RutT =c4qK -----END PGP SIGNATURE----- From owen@owens-place.org.uk Sun, 5 Nov 2000 20:51:25 -0000 Date: Sun, 5 Nov 2000 20:51:25 -0000 From: Owen Blacker owen@owens-place.org.uk Subject: yet more RIP qs All of which is surely no different from any other issue you might have learnt whilst in someone's employ, not just statutory secrets... :o) ----- Original Message ----- From: "Roland Perry" To: Sent: Sunday, November 05, 2000 7:00 PM Subject: Re: yet more RIP qs > In article , Ben Clifford writes > >If I ceased to be employed, could I then talk about warrants that > >I subsequently became aware of? > > Non-legal common sense says: only if you can *prove* you heard > about them after leaving! If they were dated after you left, and > weren't older warrants re-issue, that should be pretty safe. > > > Could I talk about warrants that I was aware > > of at the time I was an employee? > > Of course not. > > > Or has the fact that I worked for an > > ISP "tainted " me for life? > > Only regarding what secrets you learnt while employed there. From adam.atkinson@etl.ericsson.se Mon, 6 Nov 2000 09:24:19 +0100 Date: Mon, 6 Nov 2000 09:24:19 +0100 From: Adam Atkinson (ETL) adam.atkinson@etl.ericsson.se Subject: GPL in the UK > >Whereas the Mafia, interestingly, are gamekeepers turned poachers. > > OK, I'll bite, in what way were they once "gamekeepers" ? Weren't they originally mercenaries hired by Sicilian landowners to protect their estates from roving gangs of bandits? As one might expect, the mercenaries ended up in control. From davidh@spidacom.co.uk Mon, 6 Nov 2000 10:20:39 -0000 Date: Mon, 6 Nov 2000 10:20:39 -0000 From: David Hansen davidh@spidacom.co.uk Subject: GPL in the UK On 6 Nov 00, at 9:24, Adam Atkinson (ETL) wrote: > Weren't they originally mercenaries hired by Sicilian landowners > to protect their estates from roving gangs of bandits? As one might > expect, the mercenaries ended up in control. I recall reading somewhere that Mussolini almost eradicated the Maffia. However, the US Army (intentionaly or not) allowed them to be come powerful again when it occupied Italy. David Hansen | davidh@spidacom.co.uk | PGP email preferred Edinburgh | CI$ number 100024,3247 | key number F566DA0E From oml@eloka.demon.co.uk Mon, 6 Nov 2000 11:30:43 -0000 Date: Mon, 6 Nov 2000 11:30:43 -0000 From: Owen Lewis oml@eloka.demon.co.uk Subject: GCHQ move costs quintuple to ?300m ----- Original Message ----- From: "Adam Langley" To: Sent: 05 November 2000 18:42 Subject: Re: GCHQ move costs quintuple to ?300m As anyone who has passed the Oakley Farm site can testify, many of the biuldings there are wel past their design life, being of simlar construction to the 'Op Humane' prefabricated units thrown up in Germany in 1946 so that the BAOR sould not have to spend a second continental winter under canvas. There comes a time when patching and mending what was built to last for a maximum of 25 years is less economic than building new. The supposed extraordinary cost increment to ensure that GCHQ remains up and running throughout is a red herring. Again those who have seen the site could not suppose that it could be rebuilt without closing all work there. Such a closure would be for years rather than months. Anyone who has worked on something as volatile as spectral activity will know that the effects of even three months away from data collection can have most serious knock on effects. As to whether 300M is a reasonable sum... stand at the gate, estimate the total floor area and apply standard per sq ft building costs. Then double them for the security overhead. Finally, use the advertised cost of the Vauxhall Legoland as a comparator. Sounds like a bargain to me, some new equipment et al... The surprise is the many-fold increment over the orignal forecast. Again, any person familiar with the funding of major defence capital projects will be familiar with the scenario. One needs to lie through one's teeth to get Ministers to agree to the project, rather than postpone it for the nth time to await a change of ruling party - so that it is their side that takes the benefit of of criticising the 'imprudent waste of taxpayer's money'. The real scale of the cost should only uncloak after the project has passed the oint of no return. A rather silly game, true, but one that has been played ever since Parliament used to go bolshy over paying for the monarch's military adventures. From oml@eloka.demon.co.uk Mon, 6 Nov 2000 12:12:01 -0000 Date: Mon, 6 Nov 2000 12:12:01 -0000 From: Owen Lewis oml@eloka.demon.co.uk Subject: GPL in the UK ----- Original Message ----- From: "David Hansen" To: Sent: 06 November 2000 10:20 Subject: RE: GPL in the UK > I recall reading somewhere that Mussolini almost eradicated the > Maffia. However, the US Army (intentionaly or not) allowed them to > be come powerful again when it occupied Italy. It was quite deliberate. The USG 'recruited' the Mafia through the US capos for sabotage, intelligence and quickly to put in 'Italian' local and regional govt placement who were reliably neither Fascisti not Communisti. This did not just restore the status quo ante for the Mafia but gave them a grip on all Italian political life that they could never have otherwise aspired to. That good and loyal US citizen Lucky Luciano was one of the prime movers in arraining for the initial 'assistance'. It is said, that the many US lives saved by this cooperation was the reason why Edgar Hoover insisted, almost to the end of his life, that there was no such thing as 'Cosa Nostra' in the US. This 'blind eye' (at the very least) assisted the consolidation of the mafia at the heart of US life for over a generation afterwards. The Kennedys, John & Bobby, were the first US politicians to take on the Mafia seriously - and look what happened to them. JFK in particular bit the hand that had fed him as, one is led to believe, it was the Mafia stuffing of ballot boxes in critical Chigago wards that gave him his paper-thin victory over Richard Nixon. It's interesting that, for all the opprobrium heaped later onto Nixon, no one ever suggested that he was a bought man. He was even right about Alger Hiss :-) Whilst Kennedy was to be sanctified as a national hero. Strange world; all makes a 24 years old DD ticket look really quite tame. Owen Owen From roland@linx.net Mon, 6 Nov 2000 11:44:19 +0000 Date: Mon, 6 Nov 2000 11:44:19 +0000 From: Roland Perry roland@linx.net Subject: yet more RIP qs In article <013201c0476a$31717b00$2400a8c0@owenras>, Owen Blacker writes >All of which is surely no different from any other issue you might >have learnt whilst in someone's employ, not just statutory secrets... Not really, while employed by someone you learn new skills and techniques, and make contacts with people, that can't be unlearnt. How many of these can genuinely be called "trade secrets", or protected by contract, is a source of great amusement to employment lawyers. -- Roland Perry | tel: +44 1733 207705 | roland@linx.org Interim CEO | fax: +44 1733 207729 | http://www.linx.net London Internet Exchange | mbl: +44 7050 604080 | /contact/roland From chl@clw.cs.man.ac.uk Mon, 6 Nov 2000 10:51:07 +0000 (GMT) Date: Mon, 6 Nov 2000 10:51:07 +0000 (GMT) From: Charles Lindsey chl@clw.cs.man.ac.uk Subject: RIPA and SSA Help? On Sun, 05 Nov 2000 15:54:06 +0000 Ian BROWN said... > See Ron Rivest's paper at http://theory.lcs.mit.edu/~rivest/chaffing-980701.txt > > Basically, it says that any signature scheme can be used to encrypt data. All > you do is send some "wheat" (the real info) and lots of chaff (cover > traffic). The wheat is signed using a symmetric authentication key shared > between the communicating parties; the chaff is not. So Jack the eavesdropper > sees a stream like: > > 0100 1000 0101 0111 0100 > > Only the recipient knows that 0111's signature (not shown here!) verifies > correctly; the other bits of data don't, and so are discarded. > Right, so suppose Alice wants to send a message to Bob, relying on Bob's secret signature-only key. I don't see where this helps her (which is where we came in). Charles H. Lindsey ---------At Home, doing my own thing------------------------ Email: chl@clw.cs.man.ac.uk Web: http://www.cs.man.ac.uk/~chl Voice/Fax: +44 161 436 6131 Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 From chl@clw.cs.man.ac.uk Mon, 6 Nov 2000 10:58:15 +0000 (GMT) Date: Mon, 6 Nov 2000 10:58:15 +0000 (GMT) From: Charles Lindsey chl@clw.cs.man.ac.uk Subject: How to comply with RIPA-53 ? (was: Re: How RIP-proof is SSL?) On Sun, 05 Nov 2000 16:50:37 +0000 Nicholas Bohm said... > ..................................... > 49. - (1) This section applies where any protected information- > > (a) has come into the possession of any person by means of the exercise of > a statutory power to seize, detain, inspect, search or otherwise to > interfere with documents or other property, or is likely to do so; > ..................................... > > The argument is that "any protected information" > > (1) means some particular protected information; otherwise it would have > said "... applies where protected information" omitting the "any"; and > (independently) Hmmmm! That seems to be stretching the meaning of "any". Suppose it is known for sure trhat Alice is going to send a message to Bob at 10.00am next Friday (because Alice has publicly said so), and Plod is making his preparations (by serving a Notice on Bob). Plod is now able to identify very precisely which protected information he is talking about, and it is clearly likely to be in his possession at 10.01 on Friday, so I think his notice to Bob could be valid. Agreed that where the information available is less definite, your argument might work. Perhaps all the lawyers on this list would like to comment on the validity of the argument. Charles H. Lindsey ---------At Home, doing my own thing------------------------ Email: chl@clw.cs.man.ac.uk Web: http://www.cs.man.ac.uk/~chl Voice/Fax: +44 161 436 6131 Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 From david@swarb.freeuk.com Mon, 6 Nov 2000 07:19:20 +0000 Date: Mon, 6 Nov 2000 07:19:20 +0000 From: David Swarbrick david@swarb.freeuk.com Subject: another RIP question set... In message , Peter Fairbrother writes >>> >>> And ISTR from the Parliamentary debate that you can announce to anyone that >>> the key has been compromised. >>> >> Parliamentary answers will count for little. The codes of practice a bit >> more, but eventually, and always and only, look to the statute. >>> > >Isn't there some convention or precedent that says Parliamentary discussion, >especially Ministerial Statements made before the passing of an Act >regarding the interpretation and intention of that Act, is not just >admissable for consideration but of more relevance than the exact wording of >an Act? That's certainly the understanding of some Members of the House of >Lords I was talking to when they passed RIPA. > >c/f this comment by Charles Lindsey: > >" >What I meant was that they "wouldn't" prosecute the person unwittingly >receiving the communication, because they are all nice decent chaps, and >it wouldn't be cricket, would it? That must be correct, because that is >what the nice Minister said in Committee. >" There is such a rule, but it is very restricted. There needs to be ambiguity to start with. It will be particularly inapplicable in this case precisely because of the activities of this list. If a ministerial comment is made as the Act is passed, that is one thing, but if a section changes after the speech (and these sections were changed several times), how will a court discover whether the speech which applied to one version still applies to the amended version? They will not wish to get involved in such entrails examination. -- David Swarbrick, Solicitor. Computer and Internet Law and Contracts david@swarb.freeuk.com T: +44(0)1484 722531 F: +44(0)1484 716617 Law-index of 11,400+ case summaries at www.swarb.co.uk From nbohm@ernest.net Mon, 06 Nov 2000 13:03:23 +0000 Date: Mon, 06 Nov 2000 13:03:23 +0000 From: Nicholas Bohm nbohm@ernest.net Subject: How to comply with RIPA-53 ? (was: Re: How RIP-proof is SSL?) At 10:58 AM 11/6/2000 +0000, Charles Lindsey wrote: > On Sun, 05 Nov 2000 16:50:37 +0000 > Nicholas Bohm said... > >> ..................................... >> 49. - (1) This section applies where any protected information- >> >> (a) has come into the possession of any person by means of the exercise of >> a statutory power to seize, detain, inspect, search or otherwise to >> interfere with documents or other property, or is likely to do so; >> ..................................... >> >> The argument is that "any protected information" >> >> (1) means some particular protected information; otherwise it would have >> said "... applies where protected information" omitting the "any"; and >> (independently) > >Hmmmm! That seems to be stretching the meaning of "any". Suppose it is >known for sure trhat Alice is going to send a message to Bob at 10.00am >next Friday (because Alice has publicly said so), and Plod is making his >preparations (by serving a Notice on Bob). Plod is now able to identify >very precisely which protected information he is talking about, and it >is clearly likely to be in his possession at 10.01 on Friday, so I think >his notice to Bob could be valid. Agreed that where the information >available is less definite, your argument might work. Perhaps all the >lawyers on this list would like to comment on the validity of the >argument. Bear in mind that this (and the other points) were made so as to try to alert anyone who may face this issue in reality (as distinct from anticipation) that the validity of a notice relating to future protected information which does not exist (and is therefore not protected) at the time the notice is given could be challenged: it seems to me that we should try to ensure that the issue stays alive, and is not conceded by default. I shall of course be interested in others' views; but it is the sort of point on which a court could go either way, and thus cannot be resolved finally until Strasbourg. Regards, Nicholas Bohm Salkyns, Great Canfield, Takeley, Bishop's Stortford CM22 6SX, UK Phone 01279 871272 (+44 1279 871272) Fax 01279 870215 (+44 1279 870215) Mobile 07715 419728 (+44 7715 419728) PGP RSA 1024 bit public key ID: 0x08340015. Fingerprint: 9E 15 FB 2A 54 96 24 37 98 A2 E0 D1 34 13 48 07 PGP DSS/DH 1024/3072 public key ID: 0x899DD7FF. Fingerprint: 5248 1320 B42E 84FC 1E8B A9E6 0912 AE66 899D D7FF From Richard.Cox@mandarin.org Mon, 6 Nov 2000 14:10 +0000 (GMT Standard Time) Date: Mon, 6 Nov 2000 14:10 +0000 (GMT Standard Time) From: Richard D G Cox Richard.Cox@mandarin.org Subject: Intercepting e-mail illegal, French court rules >From Agence France-Presse via Telecom Digest, Friday, November 3, 2000 PARIS -- In a ground-breaking case, a French court ruled yesterday that e-mail is covered by the country's privacy laws and awarded damages to a Kuwaiti student who was snooped on by university authorities. http://www.globetechnology.com/archive/gam/News/20001103/IBSOME.html (Vive la difference ...) From cb@fipr.org Mon, 6 Nov 2000 14:26:00 -0000 Date: Mon, 6 Nov 2000 14:26:00 -0000 From: Caspar Bowden cb@fipr.org Subject: RIP Info Centre updated RIP Info centre updated with: 1) Question by Diana Wallis MEP on legality of RIP and FULL TEXT of answer by Commissioner Liikanen 23/10/00 2) News archive up to 785 stories (several discoveries filled in from past few months) REMINDER: Home Office formal consultation on Codes of Practice for RIP Pt.I Ch.I (interception) closes on 17th November. REMINDER: FREE seminar for journalists and editors only on 16th November - "Living with the RIP - A Journalist's Guide to Surviving Cyber-Regulation" http://www.courseleader.com/about/press/mediaforum.asp -- Caspar Bowden Tel: +44(0)20 7354 2333 Director, Foundation for Information Policy Research RIP Information Centre at: www.fipr.org/rip#media From DHowe@Hawkswing.demon.co.uk Mon, 6 Nov 2000 14:40:39 -0000 Date: Mon, 6 Nov 2000 14:40:39 -0000 From: Dave Howe DHowe@Hawkswing.demon.co.uk Subject: How to comply with RIPA-53 ? (was: Re: How RIP-proof is SSL?) Charles Lindsey wrote: > Hmmmm! That seems to be stretching the meaning of "any". Suppose it is > known for sure trhat Alice is going to send a message to Bob at 10.00am > next Friday (because Alice has publicly said so), and Plod is making his > preparations (by serving a Notice on Bob). Plod is now able to identify > very precisely which protected information he is talking about, and it > is clearly likely to be in his possession at 10.01 on Friday, so I think > his notice to Bob could be valid. Agreed that where the information > available is less definite, your argument might work. Perhaps all the > lawyers on this list would like to comment on the validity of the > argument. Nope, that is missing the point. With c&w, he *has* the plaintext, just mixed up with several other plain texts which might and almost certainly do say contradictary things; What he is *missing* is the ability to verify a signature on certain blocks, which may well come under the "pure signature keys" exemption. for this, he needs the public half of Alice's sig key, which shouldn't be forthcoming as Alice's sig key is only used for signatures made by Alice! From DHowe@Hawkswing.demon.co.uk Mon, 6 Nov 2000 14:43:57 -0000 Date: Mon, 6 Nov 2000 14:43:57 -0000 From: Dave Howe DHowe@Hawkswing.demon.co.uk Subject: How to comply with RIPA-53 ? (was: Re: How RIP-proof is SSL?) ----- Original Message ----- From: Dave Howe To: Sent: Monday, November 06, 2000 2:40 PM Subject: Re: How to comply with RIPA-53 ? (was: Re: How RIP-proof is SSL?) > Charles Lindsey wrote: > > Hmmmm! That seems to be stretching the meaning of "any". Suppose it is > > known for sure trhat Alice is going to send a message to Bob at 10.00am > > next Friday (because Alice has publicly said so), and Plod is making his > > preparations (by serving a Notice on Bob). Plod is now able to identify > > very precisely which protected information he is talking about, and it > > is clearly likely to be in his possession at 10.01 on Friday, so I think > > his notice to Bob could be valid. Agreed that where the information > > available is less definite, your argument might work. Perhaps all the > > lawyers on this list would like to comment on the validity of the > > argument. > Nope, that is missing the point. With c&w, he *has* the plaintext, just > mixed up with several other plain texts which might and almost certainly do > say contradictary things; What he is *missing* is the ability to verify a > signature on certain blocks, which may well come under the "pure signature > keys" exemption. for this, he needs the public half of Alice's sig key, > which shouldn't be forthcoming as Alice's sig key is only used for > signatures made by Alice! Sorry, ignore this - I somehow got the two threads crossed. Just getting back from a four-day party tends to do things like that to you :+) From mjdb@dorevale.demon.co.uk Mon, 6 Nov 2000 18:22:06 +0000 (GMT) Date: Mon, 6 Nov 2000 18:22:06 +0000 (GMT) From: M J D Brown mjdb@dorevale.demon.co.uk Subject: How to comply with RIPA-53 ? (was: Re: How RIP-proof is SSL?) On Sun 05 Nov, Dave Bird wrote: .... big snip .... > Alternatively I recommend simply withholding confirmation-phrases > without telling the thugs, and let them wonder what went wrong. > > Could you be forced to give a confirmation phrase even if > they knew you had it? As a confirmation phrase serves the purpose of a secure signature, the answer ought to be in the negative. In practice, however, it all depends on how persuasive they are round at the back of the bike shed. Mike. -- M J D Brown: Newhaven, Peterchurch, Herefordshire HR2 0RT, England From benc@hawaga.org.uk Mon, 6 Nov 2000 20:56:47 +0000 (/etc/localtime) Date: Mon, 6 Nov 2000 20:56:47 +0000 (/etc/localtime) From: Ben Clifford benc@hawaga.org.uk Subject: RIPA and SSA Help? -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 6 Nov 2000, Charles Lindsey wrote: [chaffing&winnowing] > Right, so suppose Alice wants to send a message to Bob, relying on Bob's > secret signature-only key. I don't see where this helps her (which is > where we came in). Rivest specifically says that you need to use Designated Verifier/Confirmer signatures. These are digital signatures that can only be verified by persons/keys that the signer nominates, rather than by the world at large. However, there is another pair key involved in this process - I need your public key to be able to designate you as confirmer of my signatures. I suppose as long as this second key pair, belonging to you, is only used for being a designated confirmer, rather than anything else, it is also protected as a signature key. - -- http://www.hawaga.org.uk/c0deZ/globeApplet/ for my rotating world map applet http://www.hawaga.org.uk/benc_key.txt GPG key 0x30F06950 - please use it! http://www.hawaga.org.uk/ben/ my homepage -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.1 (GNU/Linux) Comment: PGPEnvelope - http://www.bigfoot.com/~ftobin/resources.html iD8DBQE6BxtdsYXoezDwaVARAr2UAJ9slThkIi8kmQ/LcG2POgiC5OHevACfSWVX LIpzO0I3A+irBN6RvwTdCxY= =bd4d -----END PGP SIGNATURE----- From benc@hawaga.org.uk Mon, 6 Nov 2000 21:02:32 +0000 (/etc/localtime) Date: Mon, 6 Nov 2000 21:02:32 +0000 (/etc/localtime) From: Ben Clifford benc@hawaga.org.uk Subject: Intercepting e-mail illegal, French court rules -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Mon, 6 Nov 2000, Richard D G Cox wrote: > PARIS -- In a ground-breaking case, a French court ruled yesterday that > e-mail is covered by the country's privacy laws and awarded damages to > a Kuwaiti student who was snooped on by university authorities. > > http://www.globetechnology.com/archive/gam/News/20001103/IBSOME.html > > (Vive la difference ...) ^^^^ ^^ ^^^^^^^^^^ Doesn't RIP do the same? - -- http://www.hawaga.org.uk/c0deZ/globeApplet/ for my rotating world map applet http://www.hawaga.org.uk/benc_key.txt GPG key 0x30F06950 - please use it! http://www.hawaga.org.uk/ben/ my homepage -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.1 (GNU/Linux) Comment: PGPEnvelope - http://www.bigfoot.com/~ftobin/resources.html iD8DBQE6BxyrsYXoezDwaVARAo3ZAJ9p3kCrqUcYOncpgeoY16efnxvqnQCfVovf JJvFjxSFfJXSTeWj+VrM160= =pfHS -----END PGP SIGNATURE----- From dave@xemu.demon.co.uk Mon, 6 Nov 2000 20:50:54 +0000 Date: Mon, 6 Nov 2000 20:50:54 +0000 From: Dave Bird dave@xemu.demon.co.uk Subject: How to comply with RIPA-53 ? (was: Re: How RIP-proof is SSL?) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In message , M J D Brown writes >On Sun 05 Nov, Dave Bird wrote: > >.... big snip .... > >> Alternatively I recommend simply withholding confirmation-phrases >> without telling the thugs, and let them wonder what went wrong. >> >> Could you be forced to give a confirmation phrase even if >> they knew you had it? > >As a confirmation phrase serves the purpose of a secure signature, the >answer ought to be in the negative. In practice, however, it all >depends on how persuasive they are round at the back of the bike shed. It is always possible that the holder of secrets will be attacked with torture, beatings, or threats of framing or imprisonment. But there is a world of difference between doing what a thug forces you to, and agreeing it is right or volunteering to do more. Hence the usefulness of means of "deniable defiance". |~/ |~/ ~~|;'^';-._.-;'^';-._.-;'^';-._.-;'^';-._.-;||';-._.-;'^';||_.-;'^'0-|~~ P | Woof Woof, Glug Glug ||____________|| 0 | P O | Who Drowned the Judge's Dog? | . . . . . . . '----. 0 | O O | answers on *---|_______________ @__o0 | O L |_____________|/_______| L www.xemu.demon.co.uk 2B0D 5195 337B A3E6 DDAC BD38 7F2F FD8E 7391 F44F -----BEGIN PGP SIGNATURE----- Version: PGPsdk version 1.7.1 iQA/AwUBOgcZrn8v/Y5zkfRPEQL72wCg03vvM8iRGESKTM58XXnbO4eFDuYAn3Gm /cQGY3PMe+NA86TyRbKeMCIc =Lu9e -----END PGP SIGNATURE----- From Richard.Cox@mandarin.org Tue, 7 Nov 2000 00:16 +0000 (GMT Standard Time) Date: Tue, 7 Nov 2000 00:16 +0000 (GMT Standard Time) From: Richard D G Cox Richard.Cox@mandarin.org Subject: Intercepting e-mail illegal, French court rules Ben Clifford wrote: >> PARIS -- In a ground-breaking case, a French court ruled yesterday >> that e-mail is covered by the country's privacy laws and awarded >> damages to a Kuwaiti student who was snooped on by university >> authorities. >> >> http://www.globetechnology.com/archive/gam/News/20001103/IBSOME.html >> >> (Vive la difference ...) > ^^^^ ^^ ^^^^^^^^^^ > Doesn't RIP do the same? You mean, provide for the award of damages? From peter.fairbrother@ntlworld.com Tue, 07 Nov 2000 01:29:53 +0000 Date: Tue, 07 Nov 2000 01:29:53 +0000 From: Peter Fairbrother peter.fairbrother@ntlworld.com Subject: RIPA and SSA Help? on 5/11/00 4:07 pm, Ben Clifford at benc@hawaga.org.uk wrote: > On Sun, 5 Nov 2000, Ian BROWN wrote: > >>> Please could somebody explain to us what "chaffing and winnowing" means? >> See Ron Rivest's paper at >> http://theory.lcs.mit.edu/~rivest/chaffing-980701.txt > >> There are some further improvements in Ron's paper, but that is the gist of >> the scheme. > > There are also some interesting scenarios - for example, an intermediary > can encrypt Alice's transmissions to Bob without Alice being aware that > her transmission are being encrypted and without Bob being aware that he > is decrypting them. > > Note that I use encrypt and decrypt in a "loose" sense here - the paper > claims that encryption and decryption is not taking place. Personally I > think that under some interpretations it is taking place. And it surely falls into the category of encryption, "making hidden' from the Greek "kryptos' meaning hidden, even if it's hidden in plain sight. From donald@ramsbottom.co.uk Tue, 07 Nov 2000 07:37:21 +0000 Date: Tue, 07 Nov 2000 07:37:21 +0000 From: Donald Ramsbottom donald@ramsbottom.co.uk Subject: Regina v K There have been queries about interpreting statutes, burdens on prosecution and defendant and the like recently. Below is a case which has a look at these sorts of things, and may give some insight into the minds of the Courts. It is from today's Times Law Report. As ever if not interested please ignore. Regina v K Before Lord Justice Roch, Mr Justice Rougier and Mr Justice Gray Judgment October 31, 2000 Where a defendant was charged under section 14 of the Sexual Offences Act 1956 with indecent assault of a girl under the age of 16 there was no requirement that the prosecution prove that the defendant at the time of the incident did not honestly believe that the complainant was 16 or over. The Court of Appeal, Criminal Division, so held in a reserved judgment allowing an interlocutory appeal by the prosecution under section 35 of the Criminal Procedure and Investigations Act 1996 against a judge's ruling at a preliminary hearing in the crown court that the prosecution had to prove the absence of genuine belief that the complainant was aged 16 or over. Section 14 of the Sexual Offences Act 1956 provides: "(1) It is an offence, subject to the exception mentioned in sub-section (3) of this section, for a person to make an indecent assault on a woman. "(2) A girl under the age of 16 cannot in law give any consent which would prevent an act being an assault for the purposes of this section. "(3) Where a marriage is invalid under section 2 of the Marriage Act 1949, or section 1 of the Age of Marriage Act 1929 (the wife being a girl under the age of 16), the invalidity does not make the husband guilty of any offence under this section by reason of her incapacity to consent while under that age, if he believes her to be his wife and has reasonable cause for the belief. "(4) A woman who is a defective cannot in law give any consent which would prevent an act being an assault for the purposes of this section but a person is only to be treated as guilty of an indecent assault of a defective by reason of that incapacity to consent if that person knew or had reason to suspect her to be a defective." Mr Anthony Scrivener, QC and Mr Anthony Heaton-Armstrong for the Crown; Mr David Fisher, QC and Miss Irena Ray-Crosby for the defendant. LORD JUSTICE ROCH, giving the judgment of the court, said that the complaint in this case, made by a schoolgirl aged 14, was that she was indecently assaulted by K touching her private parts without her consent. K's case was that the girl told him she was 16 and he had no reason to disbelieve her. She consented to all the sexual activity which occurred between them. At a preliminary hearing on the question whether the prosecution had the burden of proving the absence of genuine belief that the girl was 16 or over, the judge reminded himself of the decision of the Court of Criminal Appeal in R v Maughan ((1934) 24 Cr App R 130), where it was held that the predecessor of section 14 of the 1956 Act did not permit a defence of honest but mistaken belief that the girl was over 16. He went on to observe that the House of Lords in B (a Minor) v Director of Public Prosecutions ((2000) 2 WLR 452) confirmed what he thought was settled law, namely that when it was a question of a mistake of fact, the belief need only be genuine, it did not have to be reasonable. The judge expressed the view that because the House of Lords in B overruled the decision of the Court of Criminal Appeal in R v Prince ((1875) LR 2 CCR 154), their Lordships had implicitly overruled the decision in Maughan. Mr Scrivener accepted that the case of B had established that the presumption that mens rea was an ingredient of an offence meant that, where the presumption applied, a defendant was not guilty if he held an honest belief that the facts were such that no offence had been committed. He further accepted that the case established that the presumption applied to all statutory offences unless Parliament had excluded it expressly or by necessary implication. Mr Scrivener conceded that section 14 did not in express terms exclude the presumption but argued that by the way in which it was drafted Parliament had excluded the presumption by necessary implication. The House of Lords in B were careful not to overrule R v Forde ((1923) 2 KB 400), R v Keech ((1929) 21 Cr App R 125) and R v Maughan when it came to the interpretation of section 14 of the 1956 Act. Mr Fisher argued that the authorities on which Mr Scrivener relied were old and were decided before the passing of the 1956 Act. In the light of the House of Lords decision in B those authorities should not longer be considered good law. In addition he submitted that to read section 14 as an example of Parliament implicitly overruling the presumption would be contrary to article 6(2) of the European Convention for the Protection of Human Rights and Fundamental Freedoms because it would in part destroy the presumption of innocence and allow the prosecution to obtain a conviction where the prosecution were not able to prove all the ingredients of the offence. In their Lordships' judgment Parliament, in the 1956 Act, did exclude any defence of genuine belief that the girl was over 16 to a charge of indecent assault on a girl under the age of 16. That had to follow from the terms of section 14 themselves. First, subsection (2) provided that in the case of a girl under the age of 16, however willing a participant she might have been in sexual activity between herself and the defendant, her consent could not stop that activity being an indecent assault upon her. Subsections (3) and (4) of section 14 did provide defences based on genuine belief, albeit that under subsection (3) the prosecution could defeat the defence by establishing that there was no reasonable cause for the belief. If Parliament had intended that genuine belief should be a defence to the offence created by section 14(1) it would have been unnecessary to enact subsections 3 and 4. It followed, in their lordships' judgment, that Parliament had excluded such a defence by necessary implication. The speeches of their Lordships in B had been read with care to see if the decision in that case allowed of a different conclusion. Lord Steyn there pointed out that the scope of section 14 and 15 was markedly narrower than section 1(1) of the Indecency with Children Act 1960 with which that case was concerned. Sections 14 and 15 required the Crown to prove an assault which necessarily required an intentional act and to that extent at least mens rea was an ingredient which the prosecution had to prove. The reading of section 14 which their Lordships considered to be correct was not, in their judgment, incompatible with article 6(2) of the Convention. The European Court of Human Rights in Salabiaku v France ((1988) 13 EHRR 379 paragraph 28) obseerved: "Article 6.2 does not therefore regard presumptions of fact or of law provided for in the criminal law with indifference. It requires states to confine them within reasonable limits which take into account the importance of what is at stake and maintain the rights of the defence." Parliament, in 1956, considered that the balance between the demands of the general interests of the community and the protection of the fundamental rights of the individual required that girls under the age of 16 should be protected by making it an offence for a person to touch them in circumstances which were indecent. The rights of the defence were maintained in that it was still for the prosecution to prove that the complainant was under 16 years of age and that there had been a deliberate touching of that girl by the defendant in circumstances which made the touching indecent. Their Lordships did not consider that by providing that the balance should be struck at that point Parliament was being unfair or unreasonable, although they expressed the hope that Parliament might look again at this area of the law relating to sexual offences. The appeal would be allowed. Solicitors: Crown Prosecution Service. Donald Ramsbottom LL.B, BA (Hons). RAMSBOTTOM & Co. Solicitors Internet Law & Global Cryptology Law Specialists 5 Seagrove Avenue, Hayling Island, Hants, PO11 9EU, England. Tel (44) (023) 9246 5931 Fax (44) (023)9246 8349 Ramsbottom & Co is regulated by the Law Society in the conduct of investment business Service by Fax or E-Mail NOT Accepted From chl@clw.cs.man.ac.uk Mon, 6 Nov 2000 22:22:40 +0000 (GMT) Date: Mon, 6 Nov 2000 22:22:40 +0000 (GMT) From: Charles Lindsey chl@clw.cs.man.ac.uk Subject: RIP Info Centre updated On Mon, 6 Nov 2000 14:26:00 -0000 "Caspar Bowden" said... > REMINDER: FREE seminar for journalists and editors only on 16th November - > "Living with the RIP - A Journalist's Guide to Surviving Cyber-Regulation" > http://www.courseleader.com/about/press/mediaforum.asp NO!!! He can't call it that. That is the title of the talk I am giving at Cambridge next Tuesday. BTW, I presume Ross is gpoing to circulate the Details of that, or am I supposed to do it myself? Charles H. Lindsey ---------At Home, doing my own thing------------------------ Email: chl@clw.cs.man.ac.uk Web: http://www.cs.man.ac.uk/~chl Voice/Fax: +44 161 436 6131 Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 From cb@fipr.org Tue, 7 Nov 2000 11:33:22 -0000 Date: Tue, 7 Nov 2000 11:33:22 -0000 From: Caspar Bowden cb@fipr.org Subject: RIP Info Centre updated >> REMINDER: FREE seminar for journalists and editors only on >16th November - >> "Living with the RIP - A Journalist's Guide to Surviving >Cyber-Regulation" >> http://www.courseleader.com/about/press/mediaforum.asp > >NO!!! He can't call it that. That is the title of the talk I am giving >at Cambridge next Tuesday. Fraid it's been billed on the RIP Info site for ages. >BTW, I presume Ross is gpoing to circulate the Details of that, or am I >supposed to do it myself? I usually get the seminar circulars a week or two ahead, but I haven't seen that yet -- Caspar Bowden Tel: +44(0)20 7354 2333 Director, Foundation for Information Policy Research RIP Information Centre at: www.fipr.org/rip#media From benc@hawaga.org.uk Tue, 7 Nov 2000 09:32:30 +0000 (/etc/localtime) Date: Tue, 7 Nov 2000 09:32:30 +0000 (/etc/localtime) From: Ben Clifford benc@hawaga.org.uk Subject: RIPA and SSA Help? -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 7 Nov 2000, Peter Fairbrother wrote: > > Note that I use encrypt and decrypt in a "loose" sense here - the paper > > claims that encryption and decryption is not taking place. Personally I > > think that under some interpretations it is taking place. > > And it surely falls into the category of encryption, "making hidden' from > the Greek "kryptos' meaning hidden, even if it's hidden in plain sight. Yes, it looks like encryption to me - the sender is taking a deliberate action to hide the plaintext. Some of the more extreme scenarios are quite interesting, though, where a third party can encrypt a stream without either the sender or recipient being aware of it. - -- http://www.hawaga.org.uk/c0deZ/globeApplet/ for my rotating world map applet http://www.hawaga.org.uk/benc_key.txt GPG key 0x30F06950 - please use it! http://www.hawaga.org.uk/ben/ my homepage -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.1 (GNU/Linux) Comment: PGPEnvelope - http://www.bigfoot.com/~ftobin/resources.html iD8DBQE6B8xcsYXoezDwaVARAl4EAJ44mpyOBQVd05pWKI8tJWTAcgIzrwCfaEnz BzAK2/Ng8gIElExhs3ioc+Q= =6njg -----END PGP SIGNATURE----- From Q.G.Campbell@newcastle.ac.uk Tue, 7 Nov 2000 09:11:44 +0000 (GMT) Date: Tue, 7 Nov 2000 09:11:44 +0000 (GMT) From: Quentin Campbell Q.G.Campbell@newcastle.ac.uk Subject: GPL in the UK On Fri, 3 Nov 2000, Donald Ramsbottom wrote: [snip] > Of course if the rabble were able to impede HMG by encrypted comms (tries to > steer back on topic), then life might be slightly more tricky for HMG, but Donald Forget crypto as a means of protest - that has minuscle effect on Govt. Financial journalists have pointed out that what is vastly more effective as a protest would be to flood the banking system with cheques so that the cheque clearing system collapses. Writing a cheque is lawful and, as a means of protest, in the hands of almost everyone who drives a car. If we take as an example the campaign against taxes on fuel, it would also provide a good measure of the level of public support for that campaign. It would have been interesting to see how the Goverment reacted had the "organisers" of the fuel protest confined their plans for protest to urging the public to pay by cheque for fuel. It might have given the car driving public a lot of satisfaction. It would also give the expression "voting with your cheque book" a new meaning! Quentin -- PHONE: +44 191 222 8209 Computing Service, University of Newcastle FAX: +44 191 222 8765 Newcastle upon Tyne, United Kingdom, NE1 7RU. ------------------------------------------------------------------------- "Any opinions expressed above are mine. The University can get its own." From cb@fipr.org Tue, 7 Nov 2000 13:38:03 -0000 Date: Tue, 7 Nov 2000 13:38:03 -0000 From: Caspar Bowden cb@fipr.org Subject: SecurityFocus.com 26/10/2000: "Bill Punishes Crypto" http://www.securityfocus.com/templates/article.html?id=108 Bill Punishes Crypto Civil libertarians oppose a bill that would give crypto-savvy crooks extra prison time. By Kevin Poulsen October 26, 2000 3:36 PM PT WASHINGTON--Criminals who use encryption to conceal their wrongdoing will get harsher sentences than those who stick to plaintext, under computer crime legislation pending in the Senate that's attracted opposition from at least one civil liberties group. "The provision is objectionable because it stigmatizes the use of encryption, suggesting that it is somehow worse to use this method to conceal a crime than to use other methods," wrote the ACLU in a letter sent to the Hill on Wednesday. "Such a policy reflects the now discredited view that encryption is dangerous and must be contained." The Internet Integrity and Critical Infrastructure Protection Act of 2000 is sponsored by Senators Orrin Hatch (R-UT), Patrick Leahy (D-VT) and Charles Schumer (D-NY). It was injected into an unrelated bill that creates a national medal of valor for public safety officers, in the kind of last-minute shuffling typical of the final days of a congressional session. In addition to creating the new sentencing enhancement, the legislation would empower federal agents to use wiretaps and bugs when investigating computer crimes, allow for civil forfeiture of property in computer crime cases, and add computer hacking to the list of offenses for which juveniles could be tried federally. The prospect of broadening wiretap powers is particularly frustrating to privacy advocates who were eyeing a competing House measure that would have actually tightened controls on electronic surveillance. "The bill expands law enforcement wiretapping and necessarily will increase the interception of innocent conversations," says ACLU attorney Greg Nojeim. "It rejects the balanced approach of the House judicatory committee." The organization also opposes federalizing juvenile computer crime, arguing that the states are better equipped to handle juvenile justice. But a former federal prosecutor says that taking children to federal court may be a necessary evil. "Just try to get a local or state prosecutor to go and do a computer crime case," says Matt Yarbrough, a veteran of several hacker cases. "The prosecutors haven't been trained for it, and most of the police officers like to do what they're comfortable with." Moreover, says Yarbrough, now an attorney with Vinson & Elkins in Dallas, computer crime cases inevitably cross state lines, making federal court the proper place for handling them regardless of a suspect's age. "I'm just not sure that they have the capacity or capability to handle a juvenile computer crime case." On the enhanced sentence for criminals who use encryption, the former prosecutor sides with the ACLU. "Everyone should be encrypting," says Yarbrough. From dave@xemu.demon.co.uk Tue, 7 Nov 2000 15:45:05 +0000 Date: Tue, 7 Nov 2000 15:45:05 +0000 From: Dave Bird dave@xemu.demon.co.uk Subject: GPL in the UK -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In message , Quentin Campbell writes >It would have been interesting to see how the Goverment reacted had the >"organisers" of the fuel protest confined their plans for protest to >urging the public to pay by cheque for fuel. But it is probably at the discretion of the retailer whether or not to accept cheques (certainly there are supermarkets which say "to maintain low prices we accept cash only"). So if the banks warned them they could not guarantee payment in reasonable time if they accepted a very large number of cheques, they would limit the number of cheques they accepted. _____ | | / / / \ \ / - -- -| Duck! | \__ ____ / \_____/ / \ / \ | Dave@xemu.demon.co.uk /| / You \ / | \ \ / |_\called?/__/ / | |_____________///////// < |____\_______| | |(______________ () \ | \ / () | () | | \\\\\\\\\ \| | __|__ | | _|___/___ \___ | | TWOING !!! __---- ----__\---\_ / __ | ______________________ \____-------------______/ \ / \ / / / / _/ ---| hmm, it theemth | / \ / / / | i thlighly | / $ / / | mithtook | / / / | your meaning there, | | | / | buthtah !!! | \______________// \______________________/ \________/ -----BEGIN PGP SIGNATURE----- Version: PGPsdk version 1.7.1 iQA/AwUBOggjgH8v/Y5zkfRPEQLDnwCgg7BN/zx7yCtFjP5PV0TcBl1QTyYAn3ZD GU3eK1tVtWzziW7D3o0buFCP =3VC2 -----END PGP SIGNATURE----- From donald@ramsbottom.co.uk Tue, 07 Nov 2000 17:13:59 +0000 Date: Tue, 07 Nov 2000 17:13:59 +0000 From: Donald Ramsbottom donald@ramsbottom.co.uk Subject: GPL in the UK At 09:11 07/11/00 +0000, you wrote: Quentin > >Forget crypto as a means of protest - that has minuscle effect on Govt. Not a means of protest, but as a means of allowing protest to proceed without HMG having GCHQ (or equivalents), tell them what whas going to happen, where and when, so the relatively scarce resources of HMG cannot be forward deployed and have to be spread more thinly. > >Financial journalists have pointed out that what is vastly more effective >as a protest would be to flood the banking system with cheques so that the >cheque clearing system collapses. I have no reason to doubt this. > >Writing a cheque is lawful and, as a means of protest, in the hands of >almost everyone who drives a car. Herein are the roots of the problem. It requires a lot of people to actively do something they do not normally do, and although many may, many more will not. > >If we take as an example the campaign against taxes on fuel, it would also >provide a good measure of the level of public support for that campaign. It would be if General Apathy were not in command. > >It would have been interesting to see how the Goverment reacted had the >"organisers" of the fuel protest confined their plans for protest to >urging the public to pay by cheque for fuel. As it would all be behind the scenes, and "major" transactions would not be affected (CHAPS BACS etc) they (HMG) would be able to deny real impact, and the banks would undoubtedly back them up. > >It might have given the car driving public a lot of satisfaction. It would >also give the expression "voting with your cheque book" a new meaning! Very true if Joe Public were mobilised, but in practice I suspect it would be as effective as the "dump the pump" campaign, which in the UK at least had only moderate success.. One of the reasons that the last protest was so succesful, was suprise, coupled with a relatively small cadre of activists who unbeknown to themselves were acting without central command (at least early on), and thus like "cells". Additionally it made good TV, the sight of Farmer Giles calling the "troops" to arms, akin to scenes from other "real" revolutions (black and white silent images of the storming of the Winter Palace et al), meant that HMG had no control over those images which the public saw, which made an impression. I fear that the sight of a dark suited banker saying nothing was wrong would not have the same impact as ranks of burly farmers and truckers, lawfully protesting while the Police stood by impotently. To achieve the same level of suprise and lack of a "head" to aim for, means having secure comms. I suspect the tactics will be very different if it happens again, and I also suspect that the fact the protestors are now more organized will be their downfall. Donald Ramsbottom LL.B, BA (Hons). RAMSBOTTOM & Co. Solicitors Internet Law & Global Cryptology Law Specialists 5 Seagrove Avenue, Hayling Island, Hants, PO11 9EU, England. Tel (44) (023) 9246 5931 Fax (44) (023)9246 8349 Ramsbottom & Co is regulated by the Law Society in the conduct of investment business Service by Fax or E-Mail NOT Accepted From benc@hawaga.org.uk Tue, 7 Nov 2000 18:24:12 +0000 (/etc/localtime) Date: Tue, 7 Nov 2000 18:24:12 +0000 (/etc/localtime) From: Ben Clifford benc@hawaga.org.uk Subject: GPL in the UK (fwd) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 7 Nov 2000, Quentin Campbell wrote: > Financial journalists have pointed out that what is vastly more effective > as a protest would be to flood the banking system with cheques so that the > cheque clearing system collapses. > Writing a cheque is lawful and, as a means of protest, in the hands of > almost everyone who drives a car. The British Museum has a "poll tax" chequebook on display in its money section. This is a cheque book with spaces for you to fill in all your details, but it doesn't have the magic machine readable symbols at the bottom so can't be automatically sorted. The idea was to pay for you poll tax with them. Only problem is that I imagine most petrol shops won't take them :-( - -- http://www.hawaga.org.uk/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.1 (GNU/Linux) Comment: PGPEnvelope - http://www.bigfoot.com/~ftobin/resources.html iD8DBQE6CEkJsYXoezDwaVARAiBbAJ9YEx0vaVuBK3+qSnpmZcdyRp0qsACcCKS5 v1HoF6kNJ/wh7JDjcPPu/iM= =HHk6 -----END PGP SIGNATURE----- From Ian.Johnson@uwe.ac.uk Tue, 07 Nov 2000 19:52:48 +0000 Date: Tue, 07 Nov 2000 19:52:48 +0000 From: Ian Johnson Ian.Johnson@uwe.ac.uk Subject: GPL in the UK (fwd) Ben Clifford wrote: > The British Museum has a "poll tax" chequebook on display in its money > section. This is a cheque book with spaces for you to fill in all your > details, but it doesn't have the magic machine readable symbols at the > bottom so can't be automatically sorted. The idea was to pay for you > poll tax with them. > > Only problem is that I imagine most petrol shops won't take them :-( Acetone works wonders on the MICR, a little smudging and the effect is the same. Ian -- Ian Johnson Tel : +44 117 965 6261 x3167 Faculty of CSM, UWE Bristol Email: irj@acm.org Frenchay Campus, Bristol. BS16 1QY. UK. From benc@hawaga.org.uk Tue, 7 Nov 2000 20:06:25 +0000 (/etc/localtime) Date: Tue, 7 Nov 2000 20:06:25 +0000 (/etc/localtime) From: Ben Clifford benc@hawaga.org.uk Subject: GPL in the UK (fwd) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 7 Nov 2000, Ian Johnson wrote: > > The British Museum has a "poll tax" chequebook on display in its money > > section. This is a cheque book with spaces for you to fill in all your > > details, but it doesn't have the magic machine readable symbols at the > > bottom so can't be automatically sorted. The idea was to pay for you > > poll tax with them. > > > > Only problem is that I imagine most petrol shops won't take them :-( > > Acetone works wonders on the MICR, a little smudging and the effect > is the same. Does anyone know what the most ridiculous cheque has actually been? I know that there is the theoretical cheque-on-a-pigs-back but I believe that is purely theoretical. Of course, "most ridiculous" is rather subjective. On a more on-topic note, does RIP Part 1 now mean that I can electronically sign cheques and expect the bank to accept them? I presume not, but why not? -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.1 (GNU/Linux) Comment: PGPEnvelope - http://www.bigfoot.com/~ftobin/resources.html iD8DBQE6CGDosYXoezDwaVARAnlZAJ98bc5BHKDmgFfPQnlQ7LuVJRxqPgCfTyyi fJfj5/VUsCEfYWTYunuGFbY= =ruN4 -----END PGP SIGNATURE----- From I.Brown@cs.ucl.ac.uk Tue, 07 Nov 2000 20:18:25 +0000 Date: Tue, 07 Nov 2000 20:18:25 +0000 From: Ian BROWN I.Brown@cs.ucl.ac.uk Subject: GPL in the UK (fwd) Poll tax protestors wrote cheques on banana skins and dirty pants, I seem to remember... Although some of them received contempt of court fines... Ian. From benc@hawaga.org.uk Tue, 7 Nov 2000 20:22:42 +0000 (/etc/localtime) Date: Tue, 7 Nov 2000 20:22:42 +0000 (/etc/localtime) From: Ben Clifford benc@hawaga.org.uk Subject: GPL in the UK (fwd) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 7 Nov 2000, Ian BROWN wrote: > Poll tax protestors wrote cheques on banana skins and dirty pants, I seem to > remember... > Although some of them received contempt of court fines... For what? - -- http://www.hawaga.org.uk/c0deZ/globeApplet/ for my rotating world map applet http://www.hawaga.org.uk/benc_key.txt GPG key 0x30F06950 - please use it! http://www.hawaga.org.uk/ben/ my homepage -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.1 (GNU/Linux) Comment: PGPEnvelope - http://www.bigfoot.com/~ftobin/resources.html iD8DBQE6CGS2sYXoezDwaVARAqjvAJ4lq84rrcW5UD90UlZO8ziU3Kg+ygCdEcA1 A23QF80YhG7kX/KCGKNyKUE= =/dVJ -----END PGP SIGNATURE----- From benc@hawaga.org.uk Tue, 7 Nov 2000 20:29:20 +0000 (/etc/localtime) Date: Tue, 7 Nov 2000 20:29:20 +0000 (/etc/localtime) From: Ben Clifford benc@hawaga.org.uk Subject: GPL in the UK -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > >It would have been interesting to see how the Goverment reacted had the > >"organisers" of the fuel protest confined their plans for protest to > >urging the public to pay by cheque for fuel. > But it is probably at the discretion of the retailer whether or not > to accept cheques (certainly there are supermarkets which say "to > maintain low prices we accept cash only"). Shops can always refuse to sell you something. But how this applies when they have permitted you to fill your car with their petrol before telling you that they won't take your payment, I don't know. Maybe you just have to pay by some legal tender (or scottish banknotes if you are in scotland). - -- http://www.hawaga.org.uk/c0deZ/globeApplet/ for my rotating world map applet http://www.hawaga.org.uk/benc_key.txt GPG key 0x30F06950 - please use it! http://www.hawaga.org.uk/ben/ my homepage -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.1 (GNU/Linux) Comment: PGPEnvelope - http://www.bigfoot.com/~ftobin/resources.html iD8DBQE6CGZEsYXoezDwaVARAlu5AJ9vQ22trnqB63TbYpy17GcZjw4jDgCfVUjV fi8DxPhPorZ2dviW+sgScBk= =SXFj -----END PGP SIGNATURE----- From pgut001@cs.auckland.ac.nz Wed, 8 Nov 2000 09:28:26 (NZDT) Date: Wed, 8 Nov 2000 09:28:26 (NZDT) From: Peter Gutmann pgut001@cs.auckland.ac.nz Subject: GPL in the UK (fwd) Ben Clifford writes: >Does anyone know what the most ridiculous cheque has actually been? I know >that there is the theoretical cheque-on-a-pigs-back but I believe that is >purely theoretical. There's been one written on a door, which the owner removed from its hinges and brought in to the bank (I can't remember the story behind that one, there was some reason for it). I'm tempted to carve one into a block of ice or something similarly awkward (it is "fixed in a tangible medium" after all) once I've checked that the wording of the legal definition can be interpreted to allow this. In terms of slowing down processing, there are many ways to do this, eg rub wax on fields which have to be filled in by others (useful on US cheques which have to be countersigned before they can be cashed), find out the MTBF (Mean Time Between Filing) of the govt.department and carry out a correspondence stretched over this time interval, etc etc. Peter. From dave@xemu.demon.co.uk Wed, 8 Nov 2000 00:05:49 +0000 Date: Wed, 8 Nov 2000 00:05:49 +0000 From: Dave Bird dave@xemu.demon.co.uk Subject: GPL in the UK (fwd) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In message , Ben Clifford writes >On Tue, 7 Nov 2000, Ian BROWN wrote: >> Poll tax protestors wrote cheques on banana skins and dirty pants, I seem to >> remember... >> Although some of them received contempt of court fines... > >For what? Broadly speaking anything which disrupts the smooth running of the court, or disobeys its legitimate instructions. Paying a fine but causing a lot of extra work to collect it is clearly an attempt to disrupt the running of the court. |~/ |~/ ~~|;'^';-._.-;'^';-._.-;'^';-._.-;'^';-._.-;||';-._.-;'^';||_.-;'^'0-|~~ P | Woof Woof, Glug Glug ||____________|| 0 | P O | Who Drowned the Judge's Dog? | . . . . . . . '----. 0 | O O | answers on *---|_______________ @__o0 | O L |_____________|/_______| L www.xemu.demon.co.uk 2B0D 5195 337B A3E6 DDAC BD38 7F2F FD8E 7391 F44F -----BEGIN PGP SIGNATURE----- Version: PGPsdk version 1.7.1 iQA/AwUBOgiY3X8v/Y5zkfRPEQKtuACfXGMcedgc9EqW3eg2d2G+L27jyIYAoM4t Xy6YXcKF0g6uRCiEJRizsCsE =xylD -----END PGP SIGNATURE----- From dave@xemu.demon.co.uk Wed, 8 Nov 2000 00:42:24 +0000 Date: Wed, 8 Nov 2000 00:42:24 +0000 From: Dave Bird dave@xemu.demon.co.uk Subject: GPL in the UK (fwd) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In message <97362890623632@kahu.cs.auckland.ac.nz>, Peter Gutmann writes >Ben Clifford writes: > >>Does anyone know what the most ridiculous cheque has actually been? I know >>that there is the theoretical cheque-on-a-pigs-back but I believe that is >>purely theoretical. > >There's been one written on a door, which the owner removed from its hinges and >brought in to the bank (I can't remember the story behind that one, there was >some reason for it). The best I can remember is one written on a pig --- obviously for rather more than the value of the pig. |~/ |~/ ~~|;'^';-._.-;'^';-._.-;'^';-._.-;'^';-._.-;||';-._.-;'^';||_.-;'^'0-|~~ P | Woof Woof, Glug Glug ||____________|| 0 | P O | Who Drowned the Judge's Dog? | . . . . . . . '----. 0 | O O | answers on *---|_______________ @__o0 | O L |_____________|/_______| L www.xemu.demon.co.uk 2B0D 5195 337B A3E6 DDAC BD38 7F2F FD8E 7391 F44F -----BEGIN PGP SIGNATURE----- Version: PGPsdk version 1.7.1 iQA/AwUBOgihcH8v/Y5zkfRPEQLp4QCgmJjE3kSyDJ8D3317sPjsAmHK/sIAoN3e Y45JWgmwGM2+vCxKVOO9NaTl =d8mU -----END PGP SIGNATURE----- From I.Brown@cs.ucl.ac.uk Wed, 08 Nov 2000 09:34:23 +0000 Date: Wed, 08 Nov 2000 09:34:23 +0000 From: Ian BROWN I.Brown@cs.ucl.ac.uk Subject: GPL in the UK (fwd) > Broadly speaking anything which disrupts the smooth running of the > court, or disobeys its legitimate instructions. I think in this case it was particularly seen as an "insult" to the court. Ian. From ben@algroup.co.uk Wed, 08 Nov 2000 09:52:25 +0000 Date: Wed, 08 Nov 2000 09:52:25 +0000 From: Ben Laurie ben@algroup.co.uk Subject: GPL in the UK (fwd) Ben Clifford wrote: > Does anyone know what the most ridiculous cheque has actually been? > I know that there is the theoretical cheque-on-a-pigs-back but I believe > that is purely theoretical. > Of course, "most ridiculous" is rather subjective. ISTR someone wrote one on a cow once. Can't remember why! Cheers, Ben. -- http://www.apache-ssl.org/ben.html "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff From nbohm@ernest.net Wed, 08 Nov 2000 10:18:25 +0000 Date: Wed, 08 Nov 2000 10:18:25 +0000 From: Nicholas Bohm nbohm@ernest.net Subject: GPL in the UK (fwd) At 08:06 PM 11/7/2000 +0000, Ben Clifford wrote: [snip] >On a more on-topic note, does RIP Part 1 now mean that I can >electronically sign cheques and expect the bank to accept them? I presume >not, but why not? Not RIP, the Electronic Communications Act. It says your electronic signature is admissible in evidence, but that doesn't mean banks will accept them in general, and specifically for cheques I'm sure they won't. The main reason is that a cheque still has to be on paper to be a cheque for the purposes of the relevant legislation, and that would have to be changed by secondary legislation. And banks would prefer to operate within the cheque system they know, and more or less love, than experiment with the unknown. In general they haven't adapted to anything more significant than passwords + mother's maiden name, and public key cryptography will take them some time. And as far as cheques are concerned, the replay attack might be a bit worrying. Regards, Nicholas Bohm Salkyns, Great Canfield, Takeley, Bishop's Stortford CM22 6SX, UK Phone 01279 871272 (+44 1279 871272) Fax 01279 870215 (+44 1279 870215) Mobile 07715 419728 (+44 7715 419728) PGP RSA 1024 bit public key ID: 0x08340015. Fingerprint: 9E 15 FB 2A 54 96 24 37 98 A2 E0 D1 34 13 48 07 PGP DSS/DH 1024/3072 public key ID: 0x899DD7FF. Fingerprint: 5248 1320 B42E 84FC 1E8B A9E6 0912 AE66 899D D7FF From Ross.Anderson@cl.cam.ac.uk Wed, 08 Nov 2000 18:12:03 +0000 Date: Wed, 08 Nov 2000 18:12:03 +0000 From: Ross Anderson Ross.Anderson@cl.cam.ac.uk Subject: Seminars in Cryptology and Computer Security >BTW, I presume Ross is gpoing to circulate the Details of that, or am I >supposed to do it myself? Here is the seminar announcement for Charles' talk next week. I've already sent it out on our seminar mailing list, so apologies to people who're on both lists and receive it twice. Ross PS: if you plan to attend this talk and aren't one of our regulars, do please drop me a note. All our seminars are open to the public, but it's useful to know when I need to book a bigger room! *** *** *** *** *** University of Cambridge Computer Laboratory SECURITY SEMINAR SERIES SPEAKER: Charles Lindsay, University of Manchester DATE: Tuesday 14th November at 4.15pm PLACE: Room TP4, Computer Laboratory TITLE: LIVING WITH RIP The passage of the Regulation of Investigatory Powers Act through parliament was the occasion of much controversy, especially as regards its provisions relating to cryptography. It appeared that it breached the European Convention on Human Rights at many points, and that the possibility of having their private keys seized would drive many E-commerce businesses overseas. In the event, the Act was amended to mitigate the worst excesses, with the simultaneous introduction of much window dressing. Nevertheless, many lesser problems remain, which may or may not be addressed in the Code of Practice. Since the implementation of that part of the Act has now been postponed for a year, we may have to wait some considerable time before the full picture becomes clear. This talk will analyse exactly what the Act can now demand of people upon whom decryption notices are served, and will describe the precautions which a prudent and honest E-commerce business should take in order to ensure that its legitimate operations cannot be compromised through the operation of the Act. I shall also describe the operation of the Lawful Business Practice Regulations (as established by the Act), paying particular attention to various forms of "interception" which, even though at first sight they might appear to be covered by those Regulations, and in fact perfectly lawful. Maps and travelling directions are at . * * * From M.Wells@leeds.ac.uk Wed, 8 Nov 2000 19:59:47 -0000 Date: Wed, 8 Nov 2000 19:59:47 -0000 From: M.Wells@leeds.ac.uk M.Wells@leeds.ac.uk Subject: GPL in the UK (fwd) Ben Laurie wrote: > Ben Clifford wrote: > > Does anyone know what the most ridiculous cheque has actually been? > > I know that there is the theoretical cheque-on-a-pigs-back but I believe > > that is purely theoretical. > > Of course, "most ridiculous" is rather subjective. > > ISTR someone wrote one on a cow once. Can't remember why! > > Cheers, > > Ben. That one is in AP Herberts 'Uncommon Law', a mine of splendid send-ups of some of the more ludicrous aspects of the British (perhaps strictly the English) legal system. Mike Wells From benc@hawaga.org.uk Wed, 8 Nov 2000 10:59:46 +0000 (UCT) Date: Wed, 8 Nov 2000 10:59:46 +0000 (UCT) From: Ben Clifford benc@hawaga.org.uk Subject: GPL in the UK (fwd) > >On a more on-topic note, does RIP Part 1 now mean that I can > >electronically sign cheques and expect the bank to accept them? I presume > >not, but why not? > > Not RIP, the Electronic Communications Act. doh, not the first time I have made that mistake... I *know* it is in ECA, it just always comes out of my fingers wrong :-( > The main reason is that a cheque still has to > be on paper to be a cheque for the purposes of the relevant legislation, paper? What about on a pig? Or do you mean on some form of physical medium? What is the relevant legislation? Is it recent enough to be on hmso.gov.uk? > In general they haven't adapted to anything more significant than passwords > + mother's maiden name, I managed to gain access to my long time unused First Direct account with quite an appalling error rate in the information I provided them - they just kept asking me lots of different questions until I had accumulated three correct answers - didn't seem to care that I got questions like "what was your first school" wrong and didn't penalise me for it. > and public key cryptography will take them some > time. Does stuff like Lloydslink (lloyds online business service with smartcards) use public key in the smartcards? > And as far as cheques are concerned, the replay attack might be a > bit worrying. Nothing a unique ID wouldn't fix. From david@swarb.freeuk.com Thu, 9 Nov 2000 07:48:16 +0000 Date: Thu, 9 Nov 2000 07:48:16 +0000 From: David Swarbrick david@swarb.freeuk.com Subject: Seminars in Cryptology and Computer Security In message , Ross Anderson writes >>BTW, I presume Ross is going to circulate the Details of that, or am I >>supposed to do it myself? > >Here is the seminar announcement for Charles' talk next week. I've >already sent it out on our seminar mailing list, so apologies to >people who're on both lists and receive it twice. > >Ross > >PS: if you plan to attend this talk and aren't one of our regulars, do >please drop me a note. All our seminars are open to the public, but >it's useful to know when I need to book a bigger room! > Any prospect of the text being made available? It will be worth reading. -- David Swarbrick, Solicitor. Computer and Internet Law and Contracts david@swarb.freeuk.com T: +44(0)1484 722531 F: +44(0)1484 716617 Law-index of 11,400+ case summaries at www.swarb.co.uk From Q.G.Campbell@newcastle.ac.uk Thu, 9 Nov 2000 10:06:40 +0000 (GMT) Date: Thu, 9 Nov 2000 10:06:40 +0000 (GMT) From: Quentin Campbell Q.G.Campbell@newcastle.ac.uk Subject: GPL in the UK On Tue, 7 Nov 2000, Dave Bird wrote: > Quentin Campbell writes > >It would have been interesting to see how the Goverment reacted had the > >"organisers" of the fuel protest confined their plans for protest to > >urging the public to pay by cheque for fuel. > > But it is probably at the discretion of the retailer whether or not > to accept cheques (certainly there are supermarkets which say "to > maintain low prices we accept cash only"). > > So if the banks warned them they could not guarantee payment in > reasonable time if they accepted a very large number of cheques, > they would limit the number of cheques they accepted. Surely that is a desirable outcome? I have always assumed that the purpose of such a campaign was either to cause the whole cheque clearing system to grind to a (catastrophic?) halt or at least bring its operation into enough disrepute that people no longer trust it. What I was exploring is not new. The tactic was suggested during the campaign against Maggie's Poll Tax. Commerce and the financial markets *depend* on trust and stability. The Poll Tax protesters sought to undermine those elements of the UK cheque system and were criminalised for it. Other people like George Soros make (and lose) huge fortunes by deliberately manipulating the stability of exchange rates. This is called free trade. It is worth noting that traders on the floor of the New York Stock Exchange have, as a condition of their licence to trade, a legal obligation to *maintain* stability in the market. What is the relevance to the ukcrypto list? Perhaps some immaginative but legal manipulation of systems may render objectionable Acts of Parliament like RIPA less effective or lead to their repeal as in the case of the Poll Tax. I am sure that public discussion on possible techniques to circumvent RIPA (such as winnowing & chaffing) is seen as highly irresponsible in some quarters which is all the more reason that it should continue! Quentin -- PHONE: +44 191 222 8209 Computing Service, University of Newcastle FAX: +44 191 222 8765 Newcastle upon Tyne, United Kingdom, NE1 7RU. ------------------------------------------------------------------------- "Any opinions expressed above are mine. The University can get its own." From nbohm@ernest.net Thu, 09 Nov 2000 11:00:28 +0000 Date: Thu, 09 Nov 2000 11:00:28 +0000 From: Nicholas Bohm nbohm@ernest.net Subject: GPL in the UK (fwd) At 10:59 AM 11/8/2000 +0000, Ben Clifford wrote: > >> >On a more on-topic note, does RIP Part 1 now mean that I can >> >electronically sign cheques and expect the bank to accept them? I presume >> >not, but why not? >> > >> Not RIP, the Electronic Communications Act. > >doh, not the first time I have made that mistake... I *know* it is in ECA, >it just always comes out of my fingers wrong :-( > >> The main reason is that a cheque still has to >> be on paper to be a cheque for the purposes of the relevant legislation, > >paper? What about on a pig? Or do you mean on some form of physical >medium? Yes. >What is the relevant legislation? Common law codified in Bills of Exchange Acts, late 19th century, plus mid and late 20th century Cheques Acts, effectively require writing; and Interpretation Act 1978 says writing means paper (etc). >Is it recent enough to be on >hmso.gov.uk? No. >> In general they haven't adapted to anything more significant than passwords >> + mother's maiden name, > >I managed to gain access to my long time unused First Direct account with >quite an appalling error rate in the information I provided them - they >just kept asking me lots of different questions until I had accumulated >three correct answers - didn't seem to care that I got questions like >"what was your first school" wrong and didn't penalise me for it. > >> and public key cryptography will take them some >> time. > >Does stuff like Lloydslink (lloyds online business service with >smartcards) use public key in the smartcards? > >> And as far as cheques are concerned, the replay attack might be a >> bit worrying. > >Nothing a unique ID wouldn't fix. No doubt, but it means setting up a scheme the bank can handle, not just emailing digitally-signed pseudo-cheques and expecting them to honour them. And the banks will set up schemes they think a reasonable number of their customers can understand. The banks don't generally seem to have a very high opinion of their customers' abilities, and perhaps not much better an opinion of their own staff's competence, and would probably not expect them to be able to handle PGP, for example. So unless it can all be packaged very tidily, they'll stick to their mothers' maiden name routines. Regards, Nicholas Bohm Salkyns, Great Canfield, Takeley, Bishop's Stortford CM22 6SX, UK Phone 01279 871272 (+44 1279 871272) Fax 01279 870215 (+44 1279 870215) Mobile 07715 419728 (+44 7715 419728) PGP RSA 1024 bit public key ID: 0x08340015. Fingerprint: 9E 15 FB 2A 54 96 24 37 98 A2 E0 D1 34 13 48 07 PGP DSS/DH 1024/3072 public key ID: 0x899DD7FF. Fingerprint: 5248 1320 B42E 84FC 1E8B A9E6 0912 AE66 899D D7FF From jon+ukcrypto@unequivocal.co.uk Thu, 9 Nov 2000 14:51:30 +0000 Date: Thu, 9 Nov 2000 14:51:30 +0000 From: Jon Ribbens jon+ukcrypto@unequivocal.co.uk Subject: GPL in the UK (fwd) Does anyone know what the chips in the new 'smart' credit cards do? (e.g. Egg card, American Express Blue card) Apparently FreeServe are going to be selling cheap card readers for PCs, this sounds an excellent idea to me - presuming they read the 'smart' stuff and not just the magnetic stripe. Cheers Jon From roland@linx.net Thu, 9 Nov 2000 11:57:23 +0000 Date: Thu, 9 Nov 2000 11:57:23 +0000 From: Roland Perry roland@linx.net Subject: Seminars in Cryptology and Computer Security In article , Ross Anderson writes, of Charles Linsday's lecture: >I shall also describe the operation of the Lawful Business Practice >Regulations (as established by the Act), paying particular attention >to various forms of "interception" which, even though at first sight >they might appear to be covered by those Regulations, and in fact >perfectly lawful. I'm not quite sure what Charles is are getting at here. Are these the things like virus-checking which would already be legal under RIPA 3(3) and are therefore *confusingly* also covered in the LBP Regs under 3(c)(iv)? -- Roland Perry | tel: +44 1733 207705 | roland@linx.org Interim CEO | fax: +44 1733 207729 | http://www.linx.net London Internet Exchange | mbl: +44 7050 604080 | /contact/roland From chl@clw.cs.man.ac.uk Thu, 9 Nov 2000 14:14:36 +0000 (GMT) Date: Thu, 9 Nov 2000 14:14:36 +0000 (GMT) From: Charles Lindsey chl@clw.cs.man.ac.uk Subject: Seminars in Cryptology and Computer Security On Thu, 9 Nov 2000 07:48:16 +0000 David Swarbrick said... > > Any prospect of the text being made available? It will be worth reading. Sorry, no text. Just some slides to ad lib to :-( . Charles H. Lindsey ---------At Home, doing my own thing------------------------ Email: chl@clw.cs.man.ac.uk Web: http://www.cs.man.ac.uk/~chl Voice/Fax: +44 161 436 6131 Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 From mctaylor@privacy.nb.ca Thu, 9 Nov 2000 15:54:02 -0400 (AST) Date: Thu, 9 Nov 2000 15:54:02 -0400 (AST) From: M Taylor mctaylor@privacy.nb.ca Subject: Seminars in Cryptology and Computer Security On Wed, 8 Nov 2000, Ross Anderson wrote: > PS: if you plan to attend this talk and aren't one of our regulars, do > please drop me a note. All our seminars are open to the public, but > it's useful to know when I need to book a bigger room! Ross, I'm a sort-of regular outsider that plans on attending other appointments permitting. -- M Taylor mctaylor@ / privacy.nb.ca From chl@clw.cs.man.ac.uk Thu, 9 Nov 2000 20:43:23 +0000 (GMT) Date: Thu, 9 Nov 2000 20:43:23 +0000 (GMT) From: Charles Lindsey chl@clw.cs.man.ac.uk Subject: Seminars in Cryptology and Computer Security On Thu, 9 Nov 2000 11:57:23 +0000 Roland Perry said... > > In article , Ross Anderson > writes, of Charles Linsday's lecture: > > >... paying particular attention > >to various forms of "interception" which, even though at first sight > >they might appear to be covered by those Regulations, and in fact > >perfectly lawful. > > I'm not quite sure what Charles is are getting at here. Are these the > things like virus-checking which would already be legal under RIPA 3(3) > and are therefore *confusingly* also covered in the LBP Regs under > 3(c)(iv)? That is one of the oddities, but the main thing I had in mind was things like traffic data, Lord Bassam's doormat, and filtering for spam. Charles H. Lindsey ---------At Home, doing my own thing------------------------ Email: chl@clw.cs.man.ac.uk Web: http://www.cs.man.ac.uk/~chl Voice/Fax: +44 161 436 6131 Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 From I.Brown@cs.ucl.ac.uk Fri, 10 Nov 2000 09:47:03 -0000 Date: Fri, 10 Nov 2000 09:47:03 -0000 From: Ian Brown I.Brown@cs.ucl.ac.uk Subject: Big Brother nominees PRIVACY INTERNATIONAL ANNOUNCES SHORTLIST FOR THE 3rd ANNUAL BIG BROTHER AWARDS NOMINEES INCLUDE BT, JACK STRAW, UK INFO DISC, TV LICENSING, AND ANNE WIDDICOMBE 10th November 2000 FOR IMMEDIATE RELEASE On December 4th, the human rights group Privacy International will present the third annual "Big Brother awards" to the government and private sector organisations that have done the most to invade personal privacy in Britain. The awards will be bestowed at a special event at the London School of Economics. Awards will also be given to individuals and organisations that have made an outstanding contribution to the protection of privacy. The event is being hosted by the Department of Information Systems of the London School of Economics, and is organised by Privacy International, a London based civil rights group which for the past decade has raised awareness around the world about privacy threats ranging from military surveillance to workplace drug testing (see the PI homepage at www.privacyinternational.org). The awards will be presented by Channel 4's Mark Thomas. The gold awards - in the shape of a boot stamping on a human head - will be presented in five categories. The judges have announced the shortlist nominees: MOST INVASIVE COMPANY: The award in this category will be a fiercely fought contest between I-CD Publishing, which created the reverse directory CD "UK Info Disk"; the Visionics Corporation, responsible for the new generation of CCTV automatic face recognition software; and Envision Licensing Ltd, the organisation behind Britain's TV Licensing regime. MOST APPALLING PROJECT: The lead contender in this category is the government's "email snooping" legislation - the Regulation of Investigatory Powers (RIP) Act. Other shortlisted nominees include the Landlordsdata.com database, which offers an on-line blacklist of tenants; and the national DNA Database. MOST HEINOUS GOVERNMENT ORGANISATION. This will be a contest between our old favourite the Home Office, the Department of Trade and Industry (for giving employers the green light to snoop on their staff), and Customs and Excise. WORST PUBLIC SERVANT. Jack Straw was consistently nominated for this category, but as he won it last year, we are reluctant to give him another boot (so he is nominated below for Lifetime Menace). Anne Widdicombe was not far behind. Charles Clarke made the shortlist for his shepherding of the RIP legislation. LIFETIME MENACE AWARD Jack Straw is so far ahead of the field that the others will have a near impossible task beating him. Other shortlisted nominees are British Telecom, for a litany of privacy violations reaching back more than twenty years, and GCHQ (Government Communications Headquarters) for unjustified and unwarranted endemic communications surveillance. The 2000 awards will be judged by a panel of experts consisting of lawyers, academics, consultants, journalists and civil rights activists. The Big Brother Awards have also been staged as an annual event in the United States, France, Austria, Germany and Switzerland. Privacy International's Director, Simon Davies, said privacy invasion in Britain has become "a vast industry that threatens the rights of everyone in Britain". "Privacy will be the most important civil liberties issue for the new century, and we intend showing its importance by outing the privacy invaders". FOR FURTHER INFORMATION CONTACT SIMON DAVIES ON 07958 466 552 ____________________ Notes to editors: The Big Brother Awards are open, free of charge, to invited guests and members of the media. People wanting to attend should contact Simon Davies on s.g.davies@lse.ac.uk or on 07958 466 552 High resolution photographs of the award are available through John Connor Press Associates on 01273486 851 From ben@algroup.co.uk Fri, 10 Nov 2000 11:05:39 +0000 Date: Fri, 10 Nov 2000 11:05:39 +0000 From: Ben Laurie ben@algroup.co.uk Subject: [Fwd: First Quarterly Cryptuk Meeting on 29Nov2000] This is a multi-part message in MIME format. --------------03E6BEE2C623187379CA797A Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit -- http://www.apache-ssl.org/ben.html "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff --------------03E6BEE2C623187379CA797A Content-Type: message/rfc822 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Sieve: cmu-sieve 2.0 Return-Path: Received: from freeby.ben.algroup.co.uk (freeby.ben.algroup.co.uk [193.133.15.6]) by scuzzy.ben.algroup.co.uk (Postfix) with SMTP id 1472612DFE for ; Thu, 9 Nov 2000 22:44:41 +0000 (GMT) Received: from mailgate.algroup.co.uk (mailgate.algroup.co.uk [194.128.162.5]) by freeby.ben.algroup.co.uk (8.6.12/8.6.12) with SMTP id WAA23075 for ; Thu, 9 Nov 2000 22:45:06 GMT Received: (qmail 23074 invoked by uid 1002); 9 Nov 2000 22:44:40 -0000 Delivered-To: aldigit-ben@algroup.co.uk Received: (qmail 9613 invoked from network); 9 Nov 2000 22:44:40 -0000 Received: from finch-post-12.mail.demon.net (194.217.242.41) by mailgate.algroup.co.uk with SMTP; 9 Nov 2000 22:44:40 -0000 Received: from notatla.demon.co.uk ([194.222.156.169]) by finch-post-12.mail.demon.net with esmtp (Exim 2.12 #1) id 13u0Qw-0004lh-0C; Thu, 9 Nov 2000 22:44:38 +0000 Received: (from slist@localhost) by notatla.demon.co.uk (noyb/noyb) id WAA08177; Thu, 9 Nov 2000 22:43:53 GMT Resent-Date: Thu, 9 Nov 2000 22:43:53 GMT Date: Thu, 9 Nov 2000 22:43:52 GMT From: Antonomasia Message-Id: <200011092243.WAA08158@notatla.demon.co.uk> X-Grumble: British Telecom - disconnected again by administrative error To: cryptuk-announce@notatla.demon.co.uk Subject: First Quarterly Cryptuk Meeting on 29Nov2000 Resent-Message-ID: Resent-From: cryptuk-announce@notatla.demon.co.uk X-Mailing-List: archive/latest/2 X-Loop: cryptuk-announce@notatla.demon.co.uk Precedence: list Resent-Sender: cryptuk-announce-request@notatla.demon.co.uk Wed 29 Nov 2000: Ben Laurie on programming with OpenSSL "The Old English Club" on the first floor of "F.T.'s Free House" in Savage Gardens, EC3. Savage Gardens is between Crutched Friars and Pepys Street and about opposite the Novotel found on your left when leaving Fenchurch St station and your right (round a corner) when leaving Tower Hill tube. It can be seen on http://www.streetmap.co.uk . We have the 1st floor bar area from 7-9pm. -- ############################################################## # Antonomasia ant@notatla.demon.co.uk # # See http://www.notatla.demon.co.uk/ # ############################################################## --------------03E6BEE2C623187379CA797A-- From k.brown@ccs.bbk.ac.uk Fri, 10 Nov 2000 11:12:27 +0000 Date: Fri, 10 Nov 2000 11:12:27 +0000 From: Ken Brown k.brown@ccs.bbk.ac.uk Subject: GPL in the UK (fwd) Nicholas Bohm wrote: > No doubt, but it means setting up a scheme the bank can handle, not just > emailing digitally-signed pseudo-cheques and expecting them to honour them. > And the banks will set up schemes they think a reasonable number of their > customers can understand. The banks don't generally seem to have a very > high opinion of their customers' abilities, and perhaps not much better an > opinion of their own staff's competence, and would probably not expect them > to be able to handle PGP, for example. So unless it can all be packaged > very tidily, they'll stick to their mothers' maiden name routines. If secure encryption and authentication actually reduces fraud significantly, then accounts using it should suffer less fraud & be cheaper to run. Banks - or a bank - might well want to pass (some of) this saving onto customers willing & able to operate such an account, in the form of lower fees or higher interest rates, just as they offer higher interest for longer-term deposits, or larger loans to higher-income customers. A "Silicon Card" instead of a "Gold Card"? Of course anonymous online transactions (in effect e-cash) would get round the payments problem neatly, and be less liable to fraud, but governments are unlikely to allow it. Ken From nbohm@ernest.net Fri, 10 Nov 2000 14:39:51 +0000 Date: Fri, 10 Nov 2000 14:39:51 +0000 From: Nicholas Bohm nbohm@ernest.net Subject: GPL in the UK (fwd) At 11:12 AM 11/10/2000 +0000, Ken Brown wrote: > >Nicholas Bohm wrote: > >> No doubt, but it means setting up a scheme the bank can handle, not just >> emailing digitally-signed pseudo-cheques and expecting them to honour them. >> And the banks will set up schemes they think a reasonable number of their >> customers can understand. The banks don't generally seem to have a very >> high opinion of their customers' abilities, and perhaps not much better an >> opinion of their own staff's competence, and would probably not expect them >> to be able to handle PGP, for example. So unless it can all be packaged >> very tidily, they'll stick to their mothers' maiden name routines. > >If secure encryption and authentication actually reduces fraud >significantly, then accounts using it should suffer less fraud & be >cheaper to run. Banks - or a bank - might well want to pass (some of) >this saving onto customers willing & able to operate such an account, in >the form of lower fees or higher interest rates, just as they offer >higher interest for longer-term deposits, or larger loans to >higher-income customers. A "Silicon Card" instead of a "Gold Card"? I think the argument is exactly right, but the audience will remain deaf to it for quite a while. >Of course anonymous online transactions (in effect e-cash) would get >round the payments problem neatly, and be less liable to fraud, but >governments are unlikely to allow it. I'm not sure e-cash would always be an improvement on today's repudiable credit card, as far as the card holder is concerned (though nice for the payee). I'm all for it as a means to pay my debts; but when buying on line, using a card on which I can effectively stop payment (and which also happens to give me a guarantee from the card issuer of the merchant's obligations to me) is excellent protection against a dud product or absconding seller. E-cash, on the other hand, gives me no guarantees, and is gone without recall at the click of a mouse. Regards, Nicholas Bohm Salkyns, Great Canfield, Takeley, Bishop's Stortford CM22 6SX, UK Phone 01279 871272 (+44 1279 871272) Fax 01279 870215 (+44 1279 870215) Mobile 07715 419728 (+44 7715 419728) PGP RSA 1024 bit public key ID: 0x08340015. Fingerprint: 9E 15 FB 2A 54 96 24 37 98 A2 E0 D1 34 13 48 07 PGP DSS/DH 1024/3072 public key ID: 0x899DD7FF. Fingerprint: 5248 1320 B42E 84FC 1E8B A9E6 0912 AE66 899D D7FF From davidh@spidacom.co.uk Fri, 10 Nov 2000 14:44:36 -0000 Date: Fri, 10 Nov 2000 14:44:36 -0000 From: David Hansen davidh@spidacom.co.uk Subject: GPL in the UK (fwd) On 10 Nov 00, at 11:12, Ken Brown wrote: > If secure encryption and authentication actually reduces fraud > significantly, then accounts using it should suffer less fraud & be > cheaper to run. This assumes banks are capable of original thinking. It appears to me that the UK (high street) banking industry is in terminal decline due to its inability to undertake "original" thinking and that we will seea growing influence from more intelignet overseas banks. Note how they have already moved into the corporate sector (although they tend to keep the UK name as a shell to avoid frightening the horses). > Of course anonymous online transactions (in effect e-cash) would get > round the payments problem neatly, and be less liable to fraud, but > governments are unlikely to allow it. This assumes governments can allow or disallow things. It seems to me that the world is moving to a stage where governments are impotent in most important things and what matters is what business wants. I find it hard to believe that the scary advisors to government wanted to see things like SSL in use widely. The WTO, GM foods, encryption, roads are all examples of things where governments are mere spectators. David Hansen | davidh@spidacom.co.uk | PGP email preferred Edinburgh | CI$ number 100024,3247 | key number F566DA0E From chl@clw.cs.man.ac.uk Fri, 10 Nov 2000 16:55:30 +0000 (GMT) Date: Fri, 10 Nov 2000 16:55:30 +0000 (GMT) From: Charles Lindsey chl@clw.cs.man.ac.uk Subject: Big Brother nominees On Fri, 10 Nov 2000 09:47:03 -0000 Ian Brown said... > WORST PUBLIC SERVANT. Jack Straw was consistently nominated for this > category, but as he won it last year, we are reluctant to give him another > boot (so he is nominated below for Lifetime Menace). Anne Widdicombe was not > far behind. Charles Clarke made the shortlist for his shepherding of the RIP > legislation. Is it too late to nominate Lord Bassam? Charles Clarke was a saint by comparison (Why! he even gave some modest evidence of knowing what he was talking about!). But Lord Bassam consistently misunderstood and misinterpreted everything that was said to him, and stuck to his pre-prepared script, providing brilliantly correct answers to the wrong questions. Charles H. Lindsey ---------At Home, doing my own thing------------------------ Email: chl@clw.cs.man.ac.uk Web: http://www.cs.man.ac.uk/~chl Voice/Fax: +44 161 436 6131 Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 From danny@spesh.com Fri, 10 Nov 2000 12:09:53 +0000 Date: Fri, 10 Nov 2000 12:09:53 +0000 From: Danny O'Brien danny@spesh.com Subject: a forwarded request to the esteemed panel On Fri, Nov 10, 2000, a friend of mine wrote: > > Danny, > > I have a friend who works for an environmental charity,... [namage > deleted] > > He has a constant need to send e-mail anonymously, securely, etc., to > people in countries where they monitor this kind of communication. He > has been using HotMail, Yahoo mail, etc., as well as PGP and some > stenography. I've been trying to help him with some of his queries on > this kind of stuff - but i'm not an expert. > > Do you know of any experts (yourself, others?) who could donate small > amounts of time to respond to queries from this organisation? What is > the best way we can help them? Anyone who might be interested in lending a hand let me know, and I'll put you in touch. Thanks, d. From whgiii@openpgp.net Fri, 10 Nov 2000 15:30:00 -0500 Date: Fri, 10 Nov 2000 15:30:00 -0500 From: William H. Geiger III whgiii@openpgp.net Subject: a forwarded request to the esteemed panel In <20001110120953.E55256@spesh.com>, on 11/10/00 at 06:09 AM, "Danny O'Brien" said: >On Fri, Nov 10, 2000, a friend of mine wrote: >> >> Danny, >> >> I have a friend who works for an environmental charity,... [namage >> deleted] >> >> He has a constant need to send e-mail anonymously, securely, etc., to >> people in countries where they monitor this kind of communication. He >> has been using HotMail, Yahoo mail, etc., as well as PGP and some >> stenography. I've been trying to help him with some of his queries on >> this kind of stuff - but i'm not an expert. >> >> Do you know of any experts (yourself, others?) who could donate small >> amounts of time to respond to queries from this organisation? What is >> the best way we can help them? >Anyone who might be interested in lending a hand let me know, and I'll >put you in touch. I have some time I could donate to help. -- --------------------------------------------------------------- William H. Geiger III http://www.openpgp.net Geiger Consulting Data Security & Cryptology Consulting Programming, Networking, Analysis PGP for OS/2: http://www.openpgp.net/pgp.html E-Secure: http://www.openpgp.net/esecure.html --------------------------------------------------------------- From dave@xemu.demon.co.uk Sat, 11 Nov 2000 03:33:32 +0000 Date: Sat, 11 Nov 2000 03:33:32 +0000 From: Dave Bird dave@xemu.demon.co.uk Subject: (slightly off topic) Newsgroup Censorship Debate, please contribute to. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 TO: Cyber rights list, CC'ed some other lists. Hiyas, There is currently a proposal for further newsgroup censorship being debated on uk.politics.censorship / uk.net. '' SINCE August'96, there has been a sustained attack against free speech on the 'Net in this Britain. It began with the "French" letter, from Det. Supt. French, threatening ISPs if they did not remove a whole series of newsgroups -- a lot of them, like alt.homosexuality, text newsgroups about lawful activities. When Demon Internet released the letter instead of complying, there appeared newspaper articles highly defamatory of a Demon director and of Julf Helsingius (from anon@penet.fi); both said they would sue the Observer newspaper. A reporting system called 'Safety Net' was instituted for unlawful material on the 'Net. '' These dodgy goings on later renamed themselves the Internet Watch Foundation. Because it is absolutely illegal to possess child pornography [it is only illegal to trade in most other banned speech], this body reports any individual such articles it finds to the ISP, and the ISP then usually does cancel the article. The IWF has at times threatened to metastasize into other areas such as extreme political opinion, so-called "hate speech". Currently its idea is that 3/4 of the individual articles it bans would be covered by outright removal in Britain of 28 newsgroups which contain 10% illegal material, or 1/2 of it by removal of just three groups which contain 40% illegal material. None of the groups concerned contain a clear majority of illegal material. Superficially, and especially to people with no clue how things work, it would be an obvious economy of effort. Of course there are reasons why it might not work e.g. the material might spread abroad or to other newsgroups, or why it might be no help if it did e.g. it would actually lead to less offenders caught or it may cost just as much to chase the remaining half Quite apart from it being a bad step in principle to ban channels which none of them contain a majority of illegal material. I don't think it is by any means an obvious or clear-cut issue, though on balance the arguments why it would be both ineffective and wrong in principle stack up for me. I'm glad IWF have bothered to consult on uk.net, and I hope people will take the opportunity to make thoughtful comment. This really needs to be addressed by people who can write good reasoned rebuttals such as Yaman and Avedon, and really by anyone who can make effective points. Please subscribe uk.politics.censorship back to say 00:01 Thursday and pitch in to the relevant threads. Regards, SAVE BIRD. ======================================================================== ======================================================================== Newsgroups: uk.net,uk.politics.censorship,alt.censorship Subject: IWF Newsgroup discussion PtONE [newsgroups, issues, figures] Date: Fri, 10 Nov 2000 02:54:29 +0000 : In article<20001109232414.3389.qmail@nym.alias.net>, Chucky writes: >On Thu, 9 Nov 2000, Dave Bird wrote: >>In article, Dave Bird writes: >>>In article, Clive D.W. Feather: >>>> >>>>[Rather than having discussion wandering all over Usenet, please could >>>>it be kept to one newsgroup ? The UK Committee's (very weak) view is >>>>that uk.net is probably the best place, so I have set followups there. >>>>Please feel free to mention this topic in other groups, but direct >>>>followups here rather than splitting the discussion. I will monitor this >>>>thread in uk.net to provide input to the IWF board, but I won't >>>>necessarily see threads elsewhere.] >>> >>> I would prefer to keep the discussion ALSO in the censorship >>> newsgroups; >>>I note that points may not be forwarded to i.w.f. >>> unless uk.net is on the newsgroups line. >> >> I AM POSTING THE DISCUSSION PAPER ITSELF (LONG) >> in case people want to cite from it in usual usenet style. > >Thank you. >>NEWSGROUPS >> >>An Internet Watch Foundation discussion paper >> >>INTRODUCTION >> >>1. This discussion paper: >> >>++explains what newsgroups are and how they operate >>++explains the current role and policy of >> the Internet Watch Foundation (IWF) in relation to newsgroups >>++sets out the arguments in favour of a change of IWF policy >>++sets out the arguments against a change in the policy >>++invites interested organisations and individuals to submit views on >> this paper by 31 January 2001. >> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >> I. WHAT ARE NEWSGROUPS? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >> >>2. The Internet has a number of different elements, perhaps the best- >>known being e-mail and the World Wide Web. A lesser known but very >>popular component is newsgroups. >> >>3. The name is somewhat misleading, since groups are often concerned >>more with views than news and the range of groups is immense. In effect, >>these are text-based, global electronic notice boards where users post >>material - usually text, but there are mechanisms for including pictures >>or other material - that can be accessed by all other readers of that >>newsgroup. In the context of the Internet, the term Usenet newsgroups is >>often used because of the technical network which sustains these groups. "The name is an arbitrary one; conversations held by NEWS distribution are sent to a set of general notice-boards open to anyone interested, as opposed to conversations held by MAIL distribution which are sent to a few named recipients." >> >>4. Some groups are one-way affairs, used simply for making >>announcements, but most are interactive, allowing any user to comment on >>any content. Some are primarily for exchanging files (such as images or >>software), but most are for sharing views and comments. A few are >>moderated, which means that someone checks the content before or after >>the posting appears publicly, but most are totally uncontrolled. One >>author - Jim McClellan in "The Guardian Guide To The Internet" - has >>suggested: "Another way to get your head round Usenet might be to think >>of it as a virtual equivalent of Speaker's Corner in London. It's >>similarly rowdy and anarchic". >> >>5. Copies of articles sit on every news server that carries that group, >>although articles do not appear on all news servers at the exactly same >>time. Given the global nature of the Internet, usually this means that >>there are copies of any given article around the world. Current >>estimates are that there are several hundred thousand such servers. >> >>6. While most people use the server supplied by their Internet service >>provider (ISP), there are commercial servers - both inside and outside >>the UK - that will provide newsgroups to anybody. Accessing newsgroups >>is a simple matter - certainly easier than putting up a web page. You >>simply need a piece of software called a "newsreader", either the one >>bundled with your browser - such as Microsoft's Outlook Express or >>Netscape Communicator's Collabra - or one downloaded from the Internet >>or obtained from a CD-ROM. >> >>7. Usually you gain access to a newsgroup and its contents simply by >>telling your newsreader to check out that group for new postings or by >>sending your own posting. >> >>8. Usenet was created in 1979 by some American computer science >>graduates. The number of groups and the number of postings to them has >>grown enormously as the number of Internet users has grown, although >>there are no accurate statistics for this growth process. Today there >>are over 30,000 newsgroups in existence world-wide. >> >>9. Each newsgroup usually specialises on a particular subject matter or >>a particular group of users. However, any posting can be sent to any >>newsgroup or newsgroups that the author wishes, so that it is not >>possible to ensure that everything within a group is relevant to that >>group. Discussions are kept 'on topic' by consensus, by peer pressure, >>and in some instances by ISPs taking action against authors who >>blatantly post 'off topic'. >> >>10. The overwhelming majority of these newsgroups provide a legitimate >>forum > >Who says what is 'legitimate'? 'a forum which most people would consider legitimate' > >>for discussion of a whole variety of subjects of great interest to >>their users and newsgroups are a vital part of the open, democratic and >>interactive nature of the Internet. >> >>11. There are a lot of newsgroups focusing on sex in all its >>manifestations and variations. Sometimes the name of the newsgroup is an >>indication of the sexual nature of its content, but this is certainly >>not always the case. Equally a sexual newsgroup title may not >>necessarily indicate sexual content - groups can lie dormant or be full >>of spam (the electronic equivalent of junk mail). Furthermore a title >>that does indicate sexual content may cover serious discussion (for >>instance, abuse issues) rather than erotica. > >Isn't erotica 'serious'? I think on reflection he means 'factual'. "A sexual title may not necessary indicate banned erotic material. The group may contain nothing i.e. it may be dormant of full of spam (...). It may be a factual discussion about the difficulties of a particular group (abuse victims, homosexuals), it may be seeking contact between consenting adults of the same preference, it may be stories told for entertainment, or it may be pictures shown for entertainment: most likely ones which are lawful in print." > >>12. Not all Internet service providers carry all newsgroups; indeed some >>ISPs carry none at all. A particular ISP may choose to limit the range >>of newsgroups that it carries, or may attempt to carry as broad a set as >>possible, for technical, language, marketing, commercial or other >>reasons. In any event, ISPs only hold articles for a limited period - >>typically a few days - before they are expired in the interests of disc >>space (although there are some long-term archives). >> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >> II. WHAT ARE THE ISSUES? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >> >>13. For several years, there has been deep concern - especially among >>the police and children's organisations - that a small proportion of >>articles, mostly in a small number of newsgroups, often feature child >>pornography. In the UK, simple possession of child pornography is a >>criminal offence and it is important that the law is enforced and seen >>to be enforced. We need to remember that the production of child >>pornography is usually the result of the abuse of a child. > >But most is not, unless you include the 'abuse' inflicted by >well-meaning therapists. (Even simple nudity can be prosecuted; or >vaguely defined lasciviousness.) > >>14. The publication in August 1996 of a Metropolitan Police list of >>newsgroups believed to contain illegal content led UK Internet service >>providers (ISPs) to create the Internet Watch Foundation (IWF) in >>September 1996. > >The list included news:alt.binaries.pictures.children whose regulars >then (as now) would be most shocked at the suggestion of mere nudity, >even. And alt.homosexual which I understand is just a text discussion among homosexual people about any relevant issue e.g. where to get sexual health information, which are the best night-clubs, what are the latest gay fashions. The whole business of the "French Letter" from Inspector French was a disgraceful one which smacked more of the Cray Brothers than policing. But I don't suppose we'll get an accurate account from the IWF. > >>15. The establishment of the IWF provides a mechanism - essentially a >>hotline - whereby users can report material that they believe to be >>illegal. This material can then be examined by trained staff and, in the >>event that the material is indeed judged to be potentially illegal, >>steps can be taken to remove it. > >The 'trained staff' presumably aren't 'judges', never mind 'jury'. They can probably work out what is or isn't a very young child having sex or in a 'pin-up' pose as if about to have sex, though. > >>16. In the case of material hosted by a UK ISP, the ISP is advised to >>remove the material and - to the best of our knowledge - this advice has >>been consistently and promptly acted upon. > >How are they 'leant on'? Because if they ignored the warning (without good grounds) they could be raided and prosecuted. > >(Binary articles usually expire in a couple of days from the server, >anyway. So why bother?) With short expiry, people usually get the material they want. The object is presumably to stop circulation of this material. > >>Since the creation of the >>IWF, over 23,000 items have been removed as a result of this process. >>The great majority of these items was child pornography and most of the >>remainder was other sexual material deemed to be illegal. > >In other words, pissing and consential sm? >What a word, 'deemed'. Judge and jury again. 'deemed by current English law to be illegal' The law may be stupid, but they didn't make it. > >>17. The significant issue here is one of "knowledge". If someone is >>unaware of illegal material, they are doing no wrong. On the other hand, >>should they be aware of it and do nothing, they are committing a >>criminal offence. The police currently take the view that ISPs only >>"know" about specific postings that they are told about - either by the >>IWF or anyone else. Provided that the ISP acts promptly to remove these >>items, they will not be prosecuted for what otherwise could be illegal >>possession (and so far no UK ISP has been prosecuted in this way). > >"Where ignorance is bliss, 'tis folly to be wise", in other words. :) > >>18. The debate in 1996 centred around two questions. The first was >>whether ISPs must actively look for illegal material, or whether they >>need only worry about what they happen to discover by accident. The >>second was whether the fact that illegal material could often be found >>in a given newsgroup meant that ISPs needed to do something about the >>group itself. >> >>19. The original Metropolitan Police list of August 1996 identified 133 >>newsgroups which, in the opinion of the author of the list, contained >>illegal or problematic material. > >What a dreadful, fuzzy word is 'problematic'. Indeed, but I don't think the words need altering as they are only reporting the opinion of the fuckwit French. > >>As a result of incoming reports and its >>own proactive monitoring, the IWF has compiled its own list of >>newsgroups. The composition of the list changes over time and the IWF >>periodically informs ISPs of the current situation. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ III. WHAT ARE THE FACTS AND FIGURES (new Chapter Heading) ############## ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ The whole of the presentation of the numbers in this section is very unclear and wants sorting out, see comments which follow this section ((((((((((((((((((((((((((((((((((((((((((((((((((( >> >>20. The latest programme of monitoring by the IWF - completed in July >>2000 - has identified 28 newsgroups as frequently containing child >>pornographic material. However, research by the IWF in August 1999 >>indicated that some 77% of the illegal material reported to the >>organisation had been found in just three groups. This finding - that a >>tiny number of newsgroups contain an overwhelming proportion of the >>illegal material - has been confirmed by the experience of other >>hotlines in other countries and by the research of the COPINE Project of >>the University of Cork. >> >>21. In a report dated January 1998, the COPINE Project stated that "the >>percentage of the total number of Usenet newsgroups that contain child >>erotica and pornography amounts to 0.07% of the total number of ############################ >>newsgroups". The most recent monitoring by the IWF has revealed a ############ >>similar percentage. >> >>22. In addition to illegal material being concentrated in a very small >>number of newsgroups, it is necessary to appreciate that the illegal >>material is itself a small percentage of the total content of these >>particular newsgroups. >> >>23. An earlier analysis by one of the ISPs that hosts almost all >>newsgroups found that, on the basis of examination of reports over a >>two-year period to April 1999, the reported illegal content in the three >>'worst' groups was less than 2% of the total traffic. However, in this >>context it should be borne in mind that this figure was based on >>notifications from IWF in response solely to incoming reports from the >>public, > >Who is this 'public', who so assiduously frequents childporn groups? [For these purposes I don't think it really matters] > >>rather than on a comprehensive and consistent monitoring of all >>postings to these groups. >> >>24. Recent experience has shown that the average proportion of >>potentially illegal content within the groups currently being monitored >>by IWF is some 10-15%, representing 1,676 items out of 14,836 articles >>posted and reviewed within a one week period. The average in the three >>'worst' groups was nearly 45% which represents some 717 items out of a >>total of just over1,800. ))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))))) It would be clearer to say something as follows: Over a one week period the IWF summarised how may complaints it received, which of these articles complained about seemed very likely to be illegal under current British law -- and how such valid complaints distributed across newsgroups. 14,400 complaints were received. 6,400 complaints were considered valid and 8,000 invalid. (?) That should be compared with 50,000 total newsgroups which carry 1,000,000 articles with a volume of 20,00,000 KBytes. Valid complaints comprised 6,400 articles (0.064% total articles) or 640,000 KB estimated volume (0.77% of total volume). This divided up as follows....... ** "All sorts of assorted newsgroups" carried 4,800 such articles (0.48% of total articles) or 48,000 KBytes of volume (0.66% of volume). ** 25 "fairly bad" newsgroups (0.550% of total newsgroups) carrying up to 10% such material, carried 1600 such articles (.... of total articles) or ....... KBytes of volume (.... of total volume). ** 3 "very bad" newgroups (0.06% of total newsgroups) carrying up to 40% such material, carried 700 such articles (.... of total articles) or ....... KBytes of volume (.... of total volume). OR WHATEVER. YOUR STATISTICS ARE NON-UNIFORM AND CONFUSING! ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ There are several numerical observations we can make from this, and tentative conclusions to be drawn on them. First, the valid complaints are a very tiny part of news over-all. This may be argued a number of ways. Some people may say that "therefore they are a flea-bite which the over-all community would barely miss"; BUT this may not necessarily be so, as it is a radical and well-organised community with strong objections to precedents such as the banning of whole newsgroups by name. Conversely the fact they are a very small part of over-all traffic may be used to argue that any damage you do to UseNet as a whole because of them is, in the sense of the human rights act, "disproportionate". Remember, you cannot inconvenience and restrict people indefinitely by saying that some crimes are really terrible... you must show that your restrictions are the minimum NECESSARY to fight that harm. Secondly, we can see from the above what percentage and actual numbers of the material validly complained about would be caught by a ban set at 10% illegal content, 40% illegal content, or majority illegal content. Be aware that people may argue that, whatever else they are doing, if a channel is not in the majority used for exchange of illegal material then it can hardly be held that this is the purpose of the channel. >> >>25. Having set out the technical and historical background and provided >>some relevant data, the remainder of this paper presents the main >>arguments for and against a change in current IWF policy on newsgroups. >>In the case of each argument for and against, in the interests of >>balance, a counter-argument is presented. Of course, these are not >>necessarily the only arguments or responses, but they are presented in >>an effort to stimulate an informed and balanced discussion. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ >>IV. WHAT IS THE CASE FOR REMOVING SELECTED NEWSGROUPS? ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ [.....................] - -- _______________________fuses? I thought you bought the fuses! / ¬¬ .. '' " '' ** ______________________________________________________________ Don't be left in the dark--http://www.xemu.demon.co.uk/censor/ -----BEGIN PGP SIGNATURE----- Version: PGPsdk version 1.7.1 iQA/AwUBOgy+DH8v/Y5zkfRPEQLwvwCeIuCtnkPJVeVVdZogAVc8kJBQ+10AnjJC tnw2IDprgtjl5weWilXVS6zW =pIM6 -----END PGP SIGNATURE----- From chris.wells1@ntlworld.com Fri, 10 Nov 2000 20:29:35 +0000 Date: Fri, 10 Nov 2000 20:29:35 +0000 From: Chris Wells chris.wells1@ntlworld.com Subject: A good summary of PKI for newbies http://www.anu.edu.au/people/Roger.Clarke/II/PKIMisFit.html From owenfb@easynet.co.uk Sun, 12 Nov 2000 15:26:15 -0000 Date: Sun, 12 Nov 2000 15:26:15 -0000 From: Owen Blacker owenfb@easynet.co.uk Subject: GPL in the UK (fwd) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Nicholas Bohm said at 2000-11-10 T 14:39 Z, quoting Ken Brown: > > Of course anonymous online transactions (in effect e-cash) would > > get round the payments problem neatly, and be less liable to > > fraud, but governments are unlikely to allow it. > > I'm not sure e-cash would always be an improvement on today's > repudiable credit card, as far as the card holder is concerned > (though nice for the payee). > > I'm all for it as a means to pay my debts; but when buying on line, > using a card on which I can effectively stop payment (and which > also happens to give me a guarantee from the card issuer of the > merchant's obligations to me) is excellent protection against a dud > product or absconding seller. E-cash, on the other hand, gives me > no guarantees, and is gone without recall at the click of a mouse. But then e-cash would be likely to be subject to fewer credit checks. Bear in mind that barriers to using e-commerce aren't just being online, but having some payment method -- I earn a not inconsiderable sum, for example, but the hangovers of student debt still mean that no-one will give me a credit card. *I* probably wouldn't give me a credit card either, but it doesn't make buying online very easy. At least Amazon.co.uk (and the M&S site, but I work on that myself :o) accept Solo... *GRIN* O x - ----- Owen Blacker Senior Internet Developer and InfoSec Consultant, pres.co I now have new PGP keys -- see http://www.owens-place.org.uk/pgp.html Sig 0x00036874 | d39f b776 fa20 c125 b0e2 aa6d 555e 4126 0003 6874 -----BEGIN PGP SIGNATURE----- Version: PGP 7.0 iQA/AwUBOg62jVVeQSYAA2h0EQKzzACg44zpf858yFrRuEfCd/O46jgeCBIAoJ9S DU8R0K6H4vtZkEXUREOcY/HL =HKRv -----END PGP SIGNATURE----- From Rodney.Tillotson@ukerna.ac.uk Mon, 13 Nov 2000 08:35:01 +0000 Date: Mon, 13 Nov 2000 08:35:01 +0000 From: Rodney Tillotson Rodney.Tillotson@ukerna.ac.uk Subject: Newsgroup censorship debate At 03:33 11/11/2000, Dave Bird wrote: > There is currently a proposal for further newsgroup censorship being > debated on uk.politics.censorship / uk.net. The IWF's discussion paper is at http://www.iwf.org.uk/about/newsgroups.htm. I shall be commenting for JANET. The paper itself is not so one-sided as Dave suggests it is, but that doesn't mean that the underlying intention is not to attempt to ban some groups (hmm, multiple-negatives ...). I also think the paper is poorly written, but I'm trying not to let that cloud my judgement on the issues. And yes, this probably was off-topic. Please excuse a short clarification. Rodney. From donald@ramsbottom.co.uk Mon, 13 Nov 2000 17:33:55 +0000 Date: Mon, 13 Nov 2000 17:33:55 +0000 From: Donald Ramsbottom donald@ramsbottom.co.uk Subject: CYberCoPZ rulz CypherPunkz >From todays Times :http://www.thetimes.co.uk/article/0,,34926,00.html Lots of money, lots of Police, all to get those nasty "P"-files! I am not sure how they will tackle "dangerous Viruses" but at least they have come clean on "hackers" although they do not define what they mean by the term. For the amount of money being thrown at it one would be forgiven for thinking that the amount of crime involved was more than the 1% of total crime.(just guessing the percentages, but it can't be that big). What if they put that money towards combatting, burglary or some other large percentage crime? But then they would not have the embryo of a Staasi like surveillance system would they? So one has to wonder.=20 One also has to hope that the extra money on managing the systems is "managed" better than some other public projects to do with computers mentioned on this list of late. Does this mean that the DREDD cop cometh? I am the LAW!! MONDAY NOVEMBER 13 2000 Internet police force unveiled An elite cyber police unit is to be set up to combat Internet paedophiles, fraud and extortion rackets, Jack Straw, the Home Secretary, announced today. The =A325 million unit will include up to 40 dedicated investigators who will be based at the multi-agency National Hi-Tech Crime Unit in London and 46 in local forces. Each regional force will have at least one cyber officer to tackle Internet crime in their area. The cyber police will also work to combat hackers and dangerous computer viruses, like the "I Love You" bug which wreaked havoc with systems last summer. The unit, which will start work in April next year, will include staff taken from police, customs, the National Crime Squad and the National Criminal Intelligence Service. Mr Straw also announced another =A337 million to invest in a National Management Information system for police forces in England and Wales. The new system will allow all information from the police to be compared and analysed across the country. Donald Ramsbottom LL.B, BA (Hons). RAMSBOTTOM & Co. Solicitors Internet Law & Global Cryptology Law Specialists 5 Seagrove Avenue, Hayling Island, Hants, PO11 9EU, England. Tel (44) (023) 9246 5931 Fax (44) (023)9246 8349 Ramsbottom & Co is regulated by the Law Society in the conduct of investment business Service by Fax or E-Mail NOT Accepted From nexus@patrol.i-way.co.uk Mon, 13 Nov 2000 18:57:31 -0000 Date: Mon, 13 Nov 2000 18:57:31 -0000 From: Nexus nexus@patrol.i-way.co.uk Subject: CYberCoPZ rulz CypherPunkz Hmmm.... nice punchy article, shame about the content.. > Lots of money, lots of Police, all to get those nasty "P"-files! A couple of hours searching on the internet will give you a pretty good idea where some of these sites are - finding them itsn't so hard, infiltrating them is, as they tend to adopt an 'upload all your pictures first' policy, before you can gain access - now there's a tricky one for Plod. Or would it be legal to hack the site in this suitation ? Or what if it's a UK based domain name physically sited in another country ? > I am not sure how they will tackle "dangerous Viruses" but at least they > have come clean on "hackers" although they do not define what they mean by > the term. For the amount of money being thrown at it one would be forgiven > for thinking that the amount of crime involved was more than the 1% of total > crime.(just guessing the percentages, but it can't be that big). But the publicity of a web page defacement, or virus outbreak is _that_ big ;-) The definition of a 'hacker' will always be clouded until such time as the press decide on something different. It could be argued that I am a hacker - I certainly have the same skill-set and knowledge, if not the malicious ethos. Or is it simply a matter that as a "Security Professional" who _always_ works within the scope of an engagement license and appropriate NDA's / official corporate sanction, I am therefore not a hacker ? > What if they put that money towards combatting, burglary or some other large > percentage crime? But then they would not have the embryo of a Staasi like > surveillance system would they? So one has to wonder. Indeed, one is... > One also has to hope that the extra money on managing the systems is > "managed" better than some other public projects to do with computers > mentioned on this list of late. Dare one mention goverment and political party sites at this point ? > Does this mean that the DREDD cop cometh? I am the LAW!! Prepare to be Judged, Citizen ! Regards, JJ ____________________________________________ http://1cis.com Free E-mail Servers with unlimited mailboxes 1st Class Internet Solutions From owen.blacker@pres.co.uk Tue, 14 Nov 2000 11:53:47 -0000 Date: Tue, 14 Nov 2000 11:53:47 -0000 From: Owen Blacker owen.blacker@pres.co.uk Subject: Silicon.com: Security measures may be virus carriers -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hmm, seems like someone's trying to drum up trade for their virus scanning business... :o/ O x > HEADLINE: Security measures may be virus carriers > PUBLISHED: 1:30pm on Monday 13th November 2000 > CHANNEL: Virus watch > AUTHOR: Pia Heikkila > SERVICE: http://www.silicon.com > > TEXT OF STORY FOLLOWS: > > Leading European security experts have warned that viruses may be > spread through the use of public keys. > > Digital signatures, as a part of the public key infrastructure > (PKI), can create a false sense of security between the sender and > receiver as the signature makes the message appear secure. However, > specialists have warned that encrypted viruses will be on the > increase as soon as encrypted communication becomes more > commonplace. > > Ian Walker, technical director at Entrust Technologies, said users > see encrypted messages and their attachments as being secure > because of the digital signature. > > Walker said: "Viruses will spread increasingly through the exchange > of public keys because the message, or its attachment, comes in an > encrypted form from a familiar sender which makes the user see it > as a secure message. We have not seen any encrypted viruses yet, > but it is easy to send these viruses because of the availability of > the public keys." > > Nir Ganani, director at security vendor Finjan software, warned > that scanning both at the desktop and gateway is vital. He said: > "Because of the increase in encrypted communication, using > protection against malicious code in both desktop and gateway > levels -- and even at the ISP level -- is necessary." > > But Mikko Hypponen, research director at F-secure, said no company > can afford to leave desktop virus scanners without regular updates: > > > He said: "The only way you can do content scanning is at the > desktop because that's the only place where you can read the > encrypted messages. Otherwise there is little point in encrypting > the message in a first place." > > The UK Electronic Communications Act -- which gives legal authority > to digital signatures -- came into effect last June. > > For related news and video, see: > Digital signatures get Post Office stamp of approval > http://www.silicon.com/a39915 > Users fail to see full security picture > http://www.silicon.com/a38869 > The Ebusiness Security Interview: Fran Rooney, CEO, Baltimore > Technologies http://www.silicon.com/a36906 > > > STORY ENDS > > For more information on silicon.com go to http://www.silicon.com. > > silicon.com - the who, what, when, where and why of ebusiness -----BEGIN PGP SIGNATURE----- Version: PGP 7.0 Comment: Due to RIP, pls check for revocation before using this key! iQA/AwUBOhEoF1VeQSYAA2h0EQLwDgCghB36qCgR+eGSgHoNviu4SN/RRwQAoLhZ dRCBv+oHvxd9kdHjPIu1duUI =MiUt -----END PGP SIGNATURE----- _____________________________________________________________________ This message has been checked for all known viruses by UUNET delivered through the MessageLabs Virus Control Centre. For further information visit http://www.uk.uu.net/products/security/virus/ From owen.blacker@pres.co.uk Tue, 14 Nov 2000 12:22:55 -0000 Date: Tue, 14 Nov 2000 12:22:55 -0000 From: Owen Blacker owen.blacker@pres.co.uk Subject: Silicon.com: Jack Straw and Ann Widdecombe tipped to win Big Brot her -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > HEADLINE: Jack Straw and Ann Widdecombe tipped to win Big Brother > PUBLISHED: 4:01pm on Friday 10th November 2000 > CHANNEL: E-society > AUTHOR: Graham Hayday > SERVICE: http://www.silicon.com > > TEXT OF STORY FOLLOWS: > > Ann Widdecombe, BT, Jack Straw and the TV licensing organisation > are all in the running to receive special recognition for invading > personal privacy at this year's Big Brother awards ceremony. > > Organised by human rights group Privacy International, The Big > Brothers are designed to highlight how invasion of privacy has > become a "vast industry that threatens the rights of everyone in > Britain". > > The awards have also become an annual event in Austria, > France, Germany, Switzerland and the United States. > > Simon Davies, director of Privacy International, said: > "Privacy will be the most important civil liberties issue for the > new century, and we intend showing its importance by outing the > privacy invaders." > > This year's ceremony will be hosted by comedian Mark Thomas, and > will take place at the London School of Economics on 4 December. > > Awards will also be given to the individuals and organisations that > have made an outstanding contribution to the protection of privacy. > > > According to the organisers, the shortlist for the five categories > of awards is as follows: > > > MOST INVASIVE COMPANY: > > The award in this category will be fought between I-CD Publishing, > which created the reverse directory CD "UK Info Disk"; the > Visionics Corporation, responsible for the new generation of CCTV > automatic face recognition software; and Envision Licensing, the > organisation behind Britain's TV Licensing regime. > > MOST APPALLING PROJECT: > > The lead contender in this is said to be the government's > "snooping" legislation -- otherwise known as the Regulation of > Investigatory Powers (RIP) Act. > > Other shortlisted nominees include the Landlordsdata.com database, > which offers an online blacklist of tenants and the national DNA > Database. > > > MOST HEINOUS GOVERNMENT ORGANISATION: > > This will be a contest between the Home Office, the Department of > Trade and Industry (for allowing employers to snoop on their > staff), and Customs and Excise. > > > WORST PUBLIC SERVANT: > > Jack Straw was consistently nominated for this category, but as he > won it last year, Privacy International is reluctant to give him > this award once more. > > Anne Widdicombe was not far behind in the nominations and Charles > Clarke made the shortlist for his shepherding of the RIP > legislation. > > > LIFETIME MENACE AWARD: > > Jack Straw is so far ahead of the field that the others will have a > near impossible task beating him. Other shortlisted nominees are > British Telecom, and GCHQ (Government Communications Headquarters) > for what Privacy International describes as "unjustified and > unwarranted endemic communications surveillance". > > For related news, see: > Home Office gets wooden spoon in Big Brother Awards > http://www.silicon.com/a33454 > > > STORY ENDS > > For more information on silicon.com go to http://www.silicon.com. > > silicon.com -- the who, what, when, where and why of ebusiness -----BEGIN PGP SIGNATURE----- Version: PGP 7.0 Comment: Due to RIP, pls check for revocation before using this key! iQA/AwUBOhEu61VeQSYAA2h0EQKpzwCgibGSTkXuxOQa280nUaAdqPMGHNwAoK4I 6RAGU+vwQ8N9RSM6UIAhOHt5 =324t -----END PGP SIGNATURE----- _____________________________________________________________________ This message has been checked for all known viruses by UUNET delivered through the MessageLabs Virus Control Centre. For further information visit http://www.uk.uu.net/products/security/virus/ From davidh@spidacom.co.uk Tue, 14 Nov 2000 12:29:24 -0000 Date: Tue, 14 Nov 2000 12:29:24 -0000 From: David Hansen davidh@spidacom.co.uk Subject: Silicon.com: Security measures may be virus carriers On 14 Nov 00, at 11:53, Owen Blacker wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hmm, seems like someone's trying to drum up trade for their virus > scanning business... :o/ It looks very much like it. Or perhaps its some GCHQ spin. > > HEADLINE: Security measures may be virus carriers > > PUBLISHED: 1:30pm on Monday 13th November 2000 > > > > Leading European security experts have warned that viruses may be > > spread through the use of public keys. This headline indicates that the author or the "experts" know little of what they are talking about. > > Digital signatures, as a part of the public key infrastructure > > (PKI), can create a false sense of security between the sender and > > receiver as the signature makes the message appear secure. Incorrect. It makes it possible to check that the message comes from who it claims to, provided they have taken proper care of their secret key and provided a few other things. It says nothing about the contents. > > However, > > specialists have warned that encrypted viruses will be on the > > increase as soon as encrypted communication becomes more > > commonplace. The author or "experts" know little of the subject again. Encrypted viruses are with us now and have nothing to do with message encryption. > > Walker said: "Viruses will spread increasingly through the exchange > > of public keys If he said what is attributed to him then this raises serious questions about how expert he is. Public keys, unless of course Microshit get involved in designing them, can't be used to transmit viruses. > > because the message, or its attachment, comes in an > > encrypted form from a familiar sender which makes the user see it as > > a secure message. Then the user misunderstands message encryption and could do with some education. David Hansen | davidh@spidacom.co.uk | PGP email preferred Edinburgh | CI$ number 100024,3247 | key number F566DA0E From Q.G.Campbell@newcastle.ac.uk Tue, 14 Nov 2000 15:08:32 +0000 (GMT) Date: Tue, 14 Nov 2000 15:08:32 +0000 (GMT) From: Quentin Campbell Q.G.Campbell@newcastle.ac.uk Subject: CYberCoPZ rulz CypherPunkz [snip] > The =A325 million unit will include up to 40 dedicated investigators > who will be based at the multi-agency National Hi-Tech Crime > Unit in London and 46 in local forces. >=20 > Each regional force will have at least one cyber officer to tackle > Internet crime in their area. [snip] What follows is not a criticism of Police Officers operating in CCUs. Those that I know are committed and hard working. I would make a few observations about the article: o Police are wary of computer experts in CCUs who are not themselves Police Officers. I have heard officers from such units (*not* from Northumbria Police) complain that these experts spend their time "messing around" with computers rather than doing "proper" Police work and that they are a "waste of time and money". o As far as regional forces are concerned I wonder how effective a "cyber officer" will be. One under resouced officer per force is not enough. There is enthusiasm to work in this area but it is often under resourced in both equipment and training because senior officers do not understand computer crime. To them this usually means accounting fraud and this is predominantly a CID matter. Some CID people become "cyber officers" through their work on computers in fraud cases. I suggest that they need a much wider background in computing, networks and security than this. The "cyber officer" is likely to only have rudimentary on-line access. Students at any nearby university of FE college are likley to have=20 better facilities. Nor does "cyber crime" feature high in the policing priorities of cash strapped regional forces. They are more worried about traditional crime because this is what the public is most concerned about. o Much computer related crime such as stalking by anonymous e-mail and possession of paedophile image files is in any case dealt with by uniformed officers or CID people with no specialist computer knowledge. I suspect that what would be of more use to most officers in most regional forces is to have ready access to specialised computer forensic advice and effort. This is where funding should be directed. This advice/effort could come from central facilities or be provided by the private sector and private consultants. This sort of highly specialised and skilled work cannot sensibly be provided from within each regional force. The notion of the loan "cyber officer" trawling the Internet looking for bad guys in his area is ludicrous. =20 Quentin -- PHONE: +44 191 222 8209 Computing Service, University of Newcastle FAX: +44 191 222 8765 Newcastle upon Tyne, United Kingdom, NE1 7RU. ------------------------------------------------------------------------- "Any opinions expressed above are mine. The University can get its own." From lists@notatla.demon.co.uk Wed, 15 Nov 2000 07:07:01 GMT Date: Wed, 15 Nov 2000 07:07:01 GMT From: lists@notatla.demon.co.uk lists@notatla.demon.co.uk Subject: UKFOI and RIP from TheRegister http://www.theregister.co.uk/content/1/14721.html RIP just got scarier By: Kieren McCarthy Posted: 14/11/2000 at 16:19 GMT A suggested amendment to the Freedom of Information Act, put forward by Lord Falconer, aims to automatically exempt all cases of Tribunals concerning the RIP Act from disclosure. ... From donald@ramsbottom.co.uk Wed, 15 Nov 2000 07:51:02 +0000 Date: Wed, 15 Nov 2000 07:51:02 +0000 From: Donald Ramsbottom donald@ramsbottom.co.uk Subject: DVDCA v Fawkus Well it did not take long but it seems that those nice people at the DVD copying association (DVDCCA), have commenced proceedings for an injunction against a Scotsman, resident in Edinburgh, in the State of California. JY at cryptome has posted the defendants motion to strike out the action on jurisdictional grounds which can be found at: http://cryptome.org/dvd-v-fawkus.htm This one and the DVDCCA need to be watched. Any others in UK? BTW has anybody got DeCCS to work? I downloaded it from an east european site, and ran into problems with it, but then the DVDs were ones issued this year after DeCSS was posted. Just curious. Donald Ramsbottom LL.B, BA (Hons). RAMSBOTTOM & Co. Solicitors Internet Law & Global Cryptology Law Specialists 5 Seagrove Avenue, Hayling Island, Hants, PO11 9EU, England. Tel (44) (023) 9246 5931 Fax (44) (023)9246 8349 Ramsbottom & Co is regulated by the Law Society in the conduct of investment business Service by Fax or E-Mail NOT Accepted From donald@ramsbottom.co.uk Wed, 15 Nov 2000 08:36:27 +0000 Date: Wed, 15 Nov 2000 08:36:27 +0000 From: Donald Ramsbottom donald@ramsbottom.co.uk Subject: UKFOI and RIP from TheRegister At 07:07 15/11/00 GMT, you wrote: > > http://www.theregister.co.uk/content/1/14721.html > > RIP just got scarier By: Kieren McCarthy Posted: 14/11/2000 at 16:19 GMT > A suggested amendment to the Freedom of Information Act, put forward > by Lord Falconer, aims to automatically exempt all cases of Tribunals > concerning the RIP Act from disclosure. ... So the Tribunal to protect our (mere mortal, Joe public) interest's (and much vaunted by ministers in debate) is now being turned into a Starchamber. Good one your Toniness, open democratic Government at its best! Amendments at : http://www.publications.parliament.uk/pa/ld199900/ldbills/120/amend/ml120-ia.htm Clause 22 at: http://www.publications.parliament.uk/pa/ld199900/ldbills/120/00120--e.htm#22 Does the wording of the clause as a whole look familiar? Donald Ramsbottom LL.B, BA (Hons). RAMSBOTTOM & Co. Solicitors Internet Law & Global Cryptology Law Specialists 5 Seagrove Avenue, Hayling Island, Hants, PO11 9EU, England. Tel (44) (023) 9246 5931 Fax (44) (023)9246 8349 Ramsbottom & Co is regulated by the Law Society in the conduct of investment business Service by Fax or E-Mail NOT Accepted From donald@ramsbottom.co.uk Wed, 15 Nov 2000 11:13:03 +0000 Date: Wed, 15 Nov 2000 11:13:03 +0000 From: Donald Ramsbottom donald@ramsbottom.co.uk Subject: R v SSTI ex parte Orange I will not bother posting the whole thing here, the URL is: http://www.thetimes.co.uk/article/0,,35552,00.html It is from Today's Times Law report, and deals with subordinate legislation and the Executives obligations to Parliament. Thigs that perhaps they should bear in mind for RIP etc. Donald Ramsbottom LL.B, BA (Hons). RAMSBOTTOM & Co. Solicitors Internet Law & Global Cryptology Law Specialists 5 Seagrove Avenue, Hayling Island, Hants, PO11 9EU, England. Tel (44) (023) 9246 5931 Fax (44) (023)9246 8349 Ramsbottom & Co is regulated by the Law Society in the conduct of investment business Service by Fax or E-Mail NOT Accepted From matthewgream@hotmail.com Tue, 14 Nov 2000 17:31:49 GMT Date: Tue, 14 Nov 2000 17:31:49 GMT From: matthew gream matthewgream@hotmail.com Subject: CYberCoPZ rulz CypherPunkz Hopefully they will do something sensible, and it would be this - the new cyberpolice that they deploy should really be half police and half experts in this particular sort of crime - acting as regional specialists and interworking with investigatory teams and offering advice and input and developing knowledge on a regional basis - perhaps this will raise the level of awareness inside the police service. The problem perhaps is that burglary, murder and many other sorts of crimes are well established problems, but the internet and computers are new enough not to be well known about. Maybe things like small and medium level fraud involving online trading and selling systems, or the use of computers within existing criminal acts and so on - not exactly "computer crime", but more "crime where computers are involved" - and that's the more useful place for them. I'll leave out the cynical downside - over focus on the P word, and powerploys and publicity by those with interests in departmental funding, political moves and so on - the public need to be placated and ensured that the P word is being delt with. I could draw a similarity to recreational drugs and alcohol - the phenomenal damage done to society by alcohol through many forms is little compared to recreational drugs, yet there is considerably more focus on the evils of recreatical drugs, and drunkenness, alcohol related voilence and many other things are somehow considered "part of the way things are" and little questioned. Sorry, partially my bugbear, and although I don't have any involvement in recreactional drugs, the example is a good one for the way it illustrates problems of perception and represention and distortion of risks and other sorts of things in popular opinion. Best regards, Matthew Gream -- matthew.gream@pobox.com, http://www.pobox.com/~matthew.gream >From: Donald Ramsbottom >Reply-To: ukcrypto@chiark.greenend.org.uk >To: ukcrypto@chiark.greenend.org.uk >Subject: CYberCoPZ rulz CypherPunkz >Date: Mon, 13 Nov 2000 17:33:55 +0000 > >From todays Times :http://www.thetimes.co.uk/article/0,,34926,00.html > >Lots of money, lots of Police, all to get those nasty "P"-files! > >I am not sure how they will tackle "dangerous Viruses" but at least they >have come clean on "hackers" although they do not define what they mean by >the term. For the amount of money being thrown at it one would be forgiven >for thinking that the amount of crime involved was more than the 1% of >total >crime.(just guessing the percentages, but it can't be that big). > >What if they put that money towards combatting, burglary or some other >large >percentage crime? But then they would not have the embryo of a Staasi like >surveillance system would they? So one has to wonder. > >One also has to hope that the extra money on managing the systems is >"managed" better than some other public projects to do with computers >mentioned on this list of late. > >Does this mean that the DREDD cop cometh? I am the LAW!! > > > > > >MONDAY NOVEMBER 13 2000 >Internet police force unveiled >An elite cyber police unit is to be set up to combat Internet >paedophiles, fraud and extortion rackets, Jack Straw, the Home >Secretary, announced today. > >The £25 million unit will include up to 40 dedicated investigators >who will be based at the multi-agency National Hi-Tech Crime >Unit in London and 46 in local forces. > >Each regional force will have at least one cyber officer to tackle >Internet crime in their area. > >The cyber police will also work to combat hackers and dangerous >computer viruses, like the "I Love You" bug which wreaked havoc >with systems last summer. > >The unit, which will start work in April next year, will include staff >taken from police, customs, the National Crime Squad and the >National Criminal Intelligence Service. > >Mr Straw also announced another £37 million to invest in a >National Management Information system for police forces in >England and Wales. > >The new system will allow all information from the police to be >compared and analysed across the country. > > > >Donald Ramsbottom LL.B, BA (Hons). > >RAMSBOTTOM & Co. Solicitors >Internet Law & Global Cryptology Law Specialists >5 Seagrove Avenue, Hayling Island, Hants, PO11 9EU, England. >Tel (44) (023) 9246 5931 Fax (44) (023)9246 8349 >Ramsbottom & Co is regulated by the Law Society in the conduct of >investment >business >Service by Fax or E-Mail NOT Accepted > > > > > _________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. From Ian.Johnson@uwe.ac.uk Wed, 15 Nov 2000 14:39:34 +0000 Date: Wed, 15 Nov 2000 14:39:34 +0000 From: Ian Johnson Ian.Johnson@uwe.ac.uk Subject: CYberCoPZ rulz CypherPunkz matthew gream wrote: > > Hopefully they will do something sensible, and it would be this ... Highly unlikely or the blurb is seriously misleading, though the suggestions you make are sound. What plod really needs as another poster pointed out, is forensic computing skills on call. > I'll leave out the cynical downside - over focus on the P word, and > powerploys and publicity by those with interests in departmental funding, > political moves and so on - the public need to be placated and ensured that > the P word is being delt with. The public need to be educated, not placated. > I could draw a similarity to recreational > drugs and alcohol - the phenomenal damage done to society by alcohol through > many forms is little compared to recreational drugs, Things that are understood vs. those that are not and are therefore frightening. The analogy is close. Thanks to the media, we have "evil hackers need to be stopped from producing viruses - something must be done" not "its a microsoft problem - can they fix it". Likewise with crypto (getting back on topic), which is painted as a tool for P's., - not compared with postal mail etc. My personal rant, the general public don't seem to care about privacy, whether CCTV ID cards (oops driving licences :) ) or whatever. Until that changes, the media will continue their "if you've nothing to hide ..." tirade. >From: Donald Ramsbottom > >I am not sure how they will tackle "dangerous Viruses" I can think of several suggestions :) none politically acceptable. > >What if they put that money towards combatting, burglary or some other > >large > >percentage crime? Who would have published their bumpf? It's a PR exercise. > >But then they would not have the embryo of a Staasi like > >surveillance system would they? So one has to wonder. Which is where we're almost at already. 'Control & Supervise' seems to be Straws middle name. I'm disgusted that an allegedly labour, (new or otherwise) govt. could tolerate such a person. Regards, Ian -- Ian Johnson Tel : +44 117 965 6261 x3167 Faculty of CSM, UWE Bristol Email: irj@acm.org Frenchay Campus, Bristol. BS16 1QY. UK. From rwsh@cam.sri.com Wed, 15 Nov 2000 12:42:38 +0000 Date: Wed, 15 Nov 2000 12:42:38 +0000 From: Roger Hale rwsh@cam.sri.com Subject: Jobs at SRI, Cambridge, UK SRI INTERNATIONAL, CAMBRIDGE, UK -------------------------------- Network Security Research ------------------------- SRI International has an immediate need for researchers in network security to work at its Cambridge Computer Science Research Centre in the UK. The role will involve: - Exploration of emerging technologies related to wireless and high-speed networks in various areas such as protocols, hardware and systems architecture - Design of protocols and infrastructures for providing security in such wireless systems - Software design of computer communication algorithms and protocols in state-of-the-art high-speed testbed networks. Software design could include routing protocols, multicast protocols, QoS-driven middleware for multimedia application support, Web proxies, etc. The initial requirement is on an EU-funded project on system dependability, but successful candidates will be expected to contribute to other SRI proposals and projects. Good written and oral communication skills are required, and candidates should be able to work with minimal supervision, estimating, negotiating and working to project schedules and milestones. Some travel will be necessary. Applicants should hold a PhD in Computer Science, Electrical Engineering or related discipline and have a strong background in networking technologies. Experience of network security would be preferred. SRI International (http://www.sri.com) is one of the world's largest independent nonprofit research institutes with an enviable reputation in computer science. Our Cambridge laboratory (http://www.cam.sri.com) is currently expanding. It specialises in the areas of information assurance, formal methods and natural language processing and has several government and commercially-funded research projects in these areas. Salaries and other terms depend on experience and circumstances, but will be very competitive. SRI also offers relocation and a comprehensive benefits package, including royalty and equity sharing. Applications, including CV, should be sent to careers@cam.sri.com. Informal enquiries can be directed to Dr. Roger Hale (roger.hale@cam.sri.com). -------------------------------------------------------------------------- From david@swarb.freeuk.com Wed, 15 Nov 2000 18:01:20 -0000 Date: Wed, 15 Nov 2000 18:01:20 -0000 From: David Swarbrick david@swarb.freeuk.com Subject: UKFOI and RIP from TheRegister The tribunal under IOCA was always a Star Chamber,as was teh one proposed under the Electronic Communications Bill - I never got around to checking this buyt asssumed it was the same. -- David Swarbrick, Solicitor, Brighouse, West Yorkshire HD6 1RW T: +44(0)1484 722531 F: +44(0)1484 716617 m: david@swarb.freeuk.com w: www.swarb.co.uk The Law Society Regulates us in the conduct of investment business > -----Original Message----- > From: ukcrypto-admin@chiark.greenend.org.uk > [mailto:ukcrypto-admin@chiark.greenend.org.uk]On Behalf Of Donald > Ramsbottom > Sent: 15 November 2000 08:36 > To: ukcrypto@chiark.greenend.org.uk > Subject: Re: UKFOI and RIP from TheRegister > > > At 07:07 15/11/00 GMT, you wrote: > > > > http://www.theregister.co.uk/content/1/14721.html > > > > RIP just got scarier By: Kieren McCarthy Posted: 14/11/2000 > at 16:19 GMT > > A suggested amendment to the Freedom of Information Act, put forward > > by Lord Falconer, aims to automatically exempt all cases of Tribunals > > concerning the RIP Act from disclosure. ... > > So the Tribunal to protect our (mere mortal, Joe public) interest's (and > much vaunted by ministers in debate) is now being turned into a > Starchamber. > Good one your Toniness, open democratic Government at its best! > > Amendments at : > http://www.publications.parliament.uk/pa/ld199900/ldbills/120/amen > d/ml120-ia.htm > > Clause 22 at: > http://www.publications.parliament.uk/pa/ld199900/ldbills/120/0012 0--e.htm#22 Does the wording of the clause as a whole look familiar? Donald Ramsbottom LL.B, BA (Hons). RAMSBOTTOM & Co. Solicitors Internet Law & Global Cryptology Law Specialists 5 Seagrove Avenue, Hayling Island, Hants, PO11 9EU, England. Tel (44) (023) 9246 5931 Fax (44) (023)9246 8349 Ramsbottom & Co is regulated by the Law Society in the conduct of investment business Service by Fax or E-Mail NOT Accepted From cb@fipr.org Wed, 15 Nov 2000 19:13:50 -0000 Date: Wed, 15 Nov 2000 19:13:50 -0000 From: Caspar Bowden cb@fipr.org Subject: UKFOI and RIP from TheRegister >David Swarbrick wrote > >The tribunal under IOCA was always a Star Chamber,as was teh >one proposed >under the Electronic Communications Bill - I never got around >to checking this buy asssumed it was the same. It's even more so than under July 99 Draft ECB - like many bills the back of RIP was not explored much either in Lords or Commons. The ECB allowed a "special advocate" appointed by the Tribunal to look after complainant's interests (cross-examine etc.) if the spooks wanted to tell the Tribunal lots of scary things with the complainant excluded. Even that's not going to be allowed now. There was pretty detailed exploration of this during debate on RIP Tribunal Rules SI in Commons on 30th Oct - can't imagine why :) In detailed argument, Clarke categorically stated: http://www.parliament.the-stationery-office.co.uk/pa/cm199900/cmstand/deleg1 /st001030/01030s03.htm "The rules do not make provisions for special advocates. We understand the point, which was raised by the Earl of Northesk in the other place at the end of last week. We believe that the claimant will be able to put his case as fully as necessary without the aid of such procedural devices, so they should not be required." Also, the Tribunal will hear evidence from the complainant and agency complained of in separate hearings, and the Tribunal is under no obligation to make a summary of evidence taken from latter available to former, it merely has discretion to do so. The full Hansard begins at http://www.parliament.the-stationery-office.co.uk/pa/cm199900/cmstand/deleg1 /st001030/01030s01.htm We are seeking expert legal views on likely HRA compliance at the moment. -- Caspar Bowden Tel: +44(0)20 7354 2333 Director, Foundation for Information Policy Research RIP Information Centre at: www.fipr.org/rip#media From m.brodbelt@acu.ac.uk Wed, 15 Nov 2000 18:31:38 +0000 Date: Wed, 15 Nov 2000 18:31:38 +0000 From: Mike Brodbelt m.brodbelt@acu.ac.uk Subject: DVDCA v Fawkus > BTW has anybody got DeCCS to work? I downloaded it from an east european > site, and ran into problems with it, but then the DVDs were ones issued this > year after DeCSS was posted. Just curious. I know of people who have - friends of friends. Have you got all the appropriate filesystem patches to enable the system to read the DVD UDF filesystem? Mike. From maryhawking@tigers.demon.co.uk Thu, 16 Nov 2000 07:04:54 +0000 Date: Thu, 16 Nov 2000 07:04:54 +0000 From: Mary Hawking maryhawking@tigers.demon.co.uk Subject: Branch surgeries to connect to main surgery via NHSNet I wonder whether I could ask for views on this from ukcrypto? I have posted this on two other specialist lists - and the issues of risks of transmission don't seem clear. The basic set-up is that at present branch surgeries - if computerised *and* communicating with the main surgery - use either a land line or some other point-to-point connection. The proposal to route branch to main surgery communications - and the volume of data transfer required in the new systems and increasing "paperlessness" - via the NHSNet would require a large bandwidth and might involve security risks.. I think. 1. practice systems are protected by a fire wall: if the connection between the branch and main surgeries is open, would it be possible for anyone to obtain unauthorised access to either end of the link? 2. If it is unsafe to transmit patient information by email because of the risk of unauthorised or accidental breach of confidentiality, would the same considerations apply here? 3. If 2 is true, how could the data be protected? Would it be possible to use encryption in this scenario, and if it were both desirable and possible, would this require major investment in software and development? Remember the number of sites potentially involved for each GP system supplier is very small. The original posting:- At one of the PCG/LIS meetings I attend, I heard from the HA that it had been decided - centrally - that Branch Surgeries would be connected to the NHS Net, and *all* communications between the main surgery and branch surgeries would be handled via NHSNet: consequently there was no need to support land lines or other means of communication. Questions ;- Is this certain? Is it possible to run a branch surgery communication with the main surgery via NHSNet, seeing the current problems with importing and exporting patient records and varying dependability of the NHSNet? Is the problem the same for all GP systems? Are there the same confidentiality issues as with the transport of patient information in email? i.e. encryption .. Mary -- Mary Hawking Kingsbury Court Surgery Church Street Dunstable Beds LU5 4RS tel 01582 663218 fax 01582 476488 email Mary.Hawking@gp-E81045.nhs.uk From DHowe@Hawkswing.demon.co.uk Thu, 16 Nov 2000 09:57:07 -0000 Date: Thu, 16 Nov 2000 09:57:07 -0000 From: David Howe DHowe@Hawkswing.demon.co.uk Subject: Branch surgeries to connect to main surgery via NHSNet "Mary Hawking" wrote: > I wonder whether I could ask for views on this from ukcrypto? > I have posted this on two other specialist lists - and the issues of > risks of transmission don't seem clear. > The basic set-up is that at present branch surgeries - if computerised > *and* communicating with the main surgery - use either a land line or > some other point-to-point connection. > The proposal to route branch to main surgery communications - and the > volume of data transfer required in the new systems and increasing > "paperlessness" - via the NHSNet would require a large bandwidth and > might involve security risks.. I think. Certainly sounds like it - there are methods to prevent this (mostly either direct file encryption or IPsec) but these cost - either in terms of commerical packages or in development time. > 1. practice systems are protected by a fire wall: if the connection > between the branch and main surgeries is open, would it be possible for > anyone to obtain unauthorised access to either end of the link? It depends too heavily on the software to judge; certainly, if the data in transit is not secured with crypto, it could be intercepted and read. > 2. If it is unsafe to transmit patient information by email because of > the risk of unauthorised or accidental breach of confidentiality, would > the same considerations apply here? yes > 3. If 2 is true, how could the data be protected? Would it be possible > to use encryption in this scenario, and if it were both desirable and > possible, would this require major investment in software and > development? Remember the number of sites potentially involved for each > GP system supplier is very small. A lot depends on what you are trying to do - if you are connecting a small number of satelite sites to a central one, and are committed to buying firewalls for them anyhow, you might want to look at a system called Firewall-1 - it comes bundled with a VPN system (VPN-1) which will automagically encrypt data leaving the firewall and, providing the destination has the same firewall, decrypt it on arrival. Virtual Private Networking is a pretty specialised area though, even for network admins, and you would be advised to get your setup vetted by a consultant before going live with it. There are also free alternatives (for the software, obviously you will have to buy hardware to run that software) such as KAME and FreeSWan. It is also possible to arrange for the same thing at a lower level - there is a tunnelling protocol that can set up a single encrypted link between two machines and of course you can encrypt individual files for transmission - but that requires alteration of your software, how much depends on the software and how much can be changed by the people doing the development. Short answer? It is possible to make NHSnet transmission faster and more secure than even the point-to-point system you have now, but how and where you set up the encryption will determine the cost, and I suspect it will be an upper-level admin decision rather than a practical one :+) Any of that help? From Q.G.Campbell@newcastle.ac.uk Thu, 16 Nov 2000 12:48:38 +0000 (GMT) Date: Thu, 16 Nov 2000 12:48:38 +0000 (GMT) From: Quentin Campbell Q.G.Campbell@newcastle.ac.uk Subject: NZ legislates to legalise LEA hacking/interception To: Quentin Campbell Subject: NZ e-mail bill info from newsbytes http://www.newsbytes.com/news/00/158161.html Opposition To New Zealand Hacking Bill Mounts =20 By Adam Creed, Newsbytes WELLINGTON, NEW ZEALAND, 15 Nov 2000, 12:23 AM CST The New Zealand Greens political party has voiced its opposition to a planned amendment to the country's crime bill that could allow security services to hack into citizens' computers and intercept e-mail and faxes.=20 The long-awaited legislation is mainly intended to criminalize computer hacking in New Zealand. The country has been without specific legislation outlawing malicious hacking.=20 While supporting the main thrust of the planned laws, the Greens do not want to support a law that also gives the police and security services the right to hack into computers and intercept e-mail and faxes.=20 "We won't support interception powers for state agencies, which in the electronic area would be a considerable assault on people's privacy," said a Greens spokesperson, adding that such new powers would be much more open to abuse.=20 "There are serious doubts that such interception would do much to catch criminals," he added. "Real villains can easily avoid detection through using disguised language, encryption, temporary Hotmail addresses, rerouters and unlisted mobile phones. Therefore the cost to public privacy might greatly outweigh the beneficial effect of catching more criminals."=20 He said that "misuse" of the world-wide Echelon interception network already illustrated the potential for privacy violations.=20 Information Minister Paul Swain responded to criticism of the proposed laws by calling for elected representatives to pass a motion that would table the amendment first.=20 He said there would be time to debate the proposed laws when the Bill is referred back to Parliament.=20 "However the overarching purpose of this (amendment) is to make hacking illegal in New Zealand =AD I think that is vital for every New Zealander who owns a computer. We need to send a strong message that hacking is not cool, it is not clever, it is a serious crime," Swain added.=20 Reported By Newsbytes.com, http://www.newsbytes.com .=20 00:23 CST=20 (20001115/WIRES TOP, ASIA, ONLINE, LEGAL/)=20 From simon@cliffestones.demon.co.uk Fri, 17 Nov 2000 01:17:58 +0000 (GMT) Date: Fri, 17 Nov 2000 01:17:58 +0000 (GMT) From: simon@cliffestones.demon.co.uk simon@cliffestones.demon.co.uk Subject: Branch surgeries to connect to main surgery via NHSNet Mary, > 1. practice systems are protected by a fire wall: if the connection > between the branch and main surgeries is open, would it be possible for > anyone to obtain unauthorised access to either end of the link? I can only comment on my local HA about whose setup I know a little. NHS net coverage for their GP practices is about 100% I believe. All sites are connected to the HA by a 128k frame relay network, the lines are leased from Telewest. The HA is the ISP, it is the network provider all connections to the Internet are made through the HA's gateway. The GP's are are part of a Virtual Private Network. Access to the VPN can only be made through the HA. So to crack into the network you would have to compromise the HA's gateway machine first. I only had dealings with one of Clinical systems operated over the VPN. All connections were secured by a 128-bit session key. I obviously have no idea whether it was implemented correctly, I can only assume it was and I also have no idea of the algorithm used. > 2. If it is unsafe to transmit patient information by email because of > the risk of unauthorised or accidental breach of confidentiality, would > the same considerations apply here? I believe that all email sent in the above detailed setup would never leave the VPN so would only be readable by the practises involved and the sys Admins at the HA > 3. If 2 is true, how could the data be protected? Would it be possible > to use encryption in this scenario, and if it were both desirable and > possible, would this require major investment in software and > development? Remember the number of sites potentially involved for each > GP system supplier is very small. You could encrypt all emails with a utility like PGP which would secure them, but that to me sounds like a bit of a Kludge. Modern Clinical systems can do all of this for you, a clinical system upgrade or change sounds like the best idea. I only worked for my local HA briefly so some of my information maybe inaccurate, I am also an Engineer that dabbles in Crypto, not a network security expert. what are your current dependability problems with NHSnet? Simon. -- Simon Brown Simon at cliffestones.demon.co.uk DH/DSS Public key 0x93BE39C9 RSA Public key 0x9052E271 From matthewgream@hotmail.com Fri, 17 Nov 2000 09:44:37 GMT Date: Fri, 17 Nov 2000 09:44:37 GMT From: matthew gream matthewgream@hotmail.com Subject: CYberCoPZ rulz CypherPunkz >The public need to be educated, not placated. Yes, I agree - sorry, I am suggesting that my cynical perspective is that they are going for a quick fix placation rather than education. >Thanks to the media, we have "evil hackers need to be stopped from >producing viruses >- something must be done" not "its a microsoft problem - can they fix >it". > >Likewise with crypto (getting back on topic), which is painted as a tool >for P's., >- not compared with postal mail etc. > >My personal rant, the general public don't seem to care about privacy, >whether CCTV >ID cards (oops driving licences :) ) or whatever. Until that changes, >the media will >continue their "if you've nothing to hide ..." tirade. I have lectured in Australia on network cultures and sociological aspects of computing - my primary aim was to illustrate that computer hacking and other social problems are exactly that - social problems, problems of people and human condition, and therefore perhaps more amenable to being delt with through other channels - i.e. a similarity to graffiti, adolescent crime, identity building, gangs and so on. There are many other examples of these problems in society that do not get as much attention, precisely because people have heard it all before, and its not newsworthy, whereas evil hackers and computers generate attention. Half the problem is trying to educate the media, and I think they are even more difficult than children. It would be just a little step forward if the media conceeded slightly to frame their reporting into this kind of context, which would then at least educate the public and make them aware that it is a sociological problem. Perhaps they do this already, if so, then that comment is pointless. Best regards, Matthew. -- matthew.gream@pobox.com, http://www.pobox.com/~matthew.gream _________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. From chl@clw.cs.man.ac.uk Thu, 16 Nov 2000 22:55:38 +0000 (GMT) Date: Thu, 16 Nov 2000 22:55:38 +0000 (GMT) From: Charles Lindsey chl@clw.cs.man.ac.uk Subject: Living with R.I.P. The slides of the talk I gave at Cambridge on Tuesday No 14th can be found at http://www.cs.man.ac.uk/~chl/living.pdf Charles H. Lindsey ---------At Home, doing my own thing------------------------ Email: chl@clw.cs.man.ac.uk Web: http://www.cs.man.ac.uk/~chl Voice/Fax: +44 161 436 6131 Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 From ben@algroup.co.uk Sat, 18 Nov 2000 11:16:26 +0000 Date: Sat, 18 Nov 2000 11:16:26 +0000 From: Ben Laurie ben@algroup.co.uk Subject: Branch surgeries to connect to main surgery via NHSNet Mary Hawking wrote: > > I wonder whether I could ask for views on this from ukcrypto? > I have posted this on two other specialist lists - and the issues of > risks of transmission don't seem clear. > The basic set-up is that at present branch surgeries - if computerised > *and* communicating with the main surgery - use either a land line or > some other point-to-point connection. > The proposal to route branch to main surgery communications - and the > volume of data transfer required in the new systems and increasing > "paperlessness" - via the NHSNet would require a large bandwidth and > might involve security risks.. I think. > > 1. practice systems are protected by a fire wall: if the connection > between the branch and main surgeries is open, would it be possible for > anyone to obtain unauthorised access to either end of the link? The presence of the firewall has little bearing on this matter - what are the ends of the link running? How are they connected to other systems? > 2. If it is unsafe to transmit patient information by email because of > the risk of unauthorised or accidental breach of confidentiality, would > the same considerations apply here? Err, what? PGP, anyone? > 3. If 2 is true, how could the data be protected? Would it be possible > to use encryption in this scenario, and if it were both desirable and > possible, would this require major investment in software and > development? Remember the number of sites potentially involved for each > GP system supplier is very small. Of course it is possible. Easy, even. Cheers, Ben. -- http://www.apache-ssl.org/ben.html "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff From lists@notatla.demon.co.uk Sun, 19 Nov 2000 12:57:49 GMT Date: Sun, 19 Nov 2000 12:57:49 GMT From: lists@notatla.demon.co.uk lists@notatla.demon.co.uk Subject: First Quarterly Cryptuk Meeting on 29Nov2000 Wed 29 Nov 2000: Ben Laurie on programming with OpenSSL "The Old English Club" on the first floor of "F.T.'s Free House" in Savage Gardens, EC3. Savage Gardens is between Crutched Friars and Pepys Street and about opposite the Novotel found on your left when leaving Fenchurch St station and your right (round a corner) when leaving Tower Hill tube. It can be seen on http://www.streetmap.co.uk . We have the 1st floor bar area from 7-9pm. From Andrew.Cormack@ukerna.ac.uk Mon, 20 Nov 2000 09:54:46 +0000 Date: Mon, 20 Nov 2000 09:54:46 +0000 From: Andrew Cormack Andrew.Cormack@ukerna.ac.uk Subject: Living with R.I.P. At 22:55 16/11/00 +0000, Charles Lindsey wrote: >The slides of the talk I gave at Cambridge on Tuesday No 14th can be found at > http://www.cs.man.ac.uk/~chl/living.pdf Charles, Many thanks for posting those as a very useful summary of where we are at. The comment about "fell of the back of a lorry" reminded me of a concern I've not seen addressed, perhaps because it's very specific to my line of work. When intruders break into computers, they very often run sniffer programs which record passing traffic on the network. That is clearly now an illegal interception (a good thing). BUT, when the intrusion is discovered, the records kept by such programs can be very useful in clearing up the mess. For one thing they allow system admins to contact other sites where passwords may have been compromised by the sniffer program; for another they will often also have captured at least a partial record of the intruder's activity. In the latter case we may get information about which vulnerability in the system was used, other systems involved in the break in etc. It would be a great shame if we couldn't use this information for good, but under the present law it seems very unclear whether we can actually do so. Any comments would be very welcome, (Apologies if this seems somewhat off-topic for the list) Andrew -------------------------------------------------------------- Andrew Cormack Head of CERT UKERNA, Atlas Centre, Chilton, Didcot, Oxon. OX11 0QS Phone: 01235 822 302 E-mail: Andrew.Cormack@ukerna.ac.uk Fax: 01235 822 398 From chl@clw.cs.man.ac.uk Mon, 20 Nov 2000 17:46:44 +0000 (GMT) Date: Mon, 20 Nov 2000 17:46:44 +0000 (GMT) From: Charles Lindsey chl@clw.cs.man.ac.uk Subject: Living with R.I.P. On Mon, 20 Nov 2000 09:54:46 +0000 Andrew Cormack said... > The comment about "fell of the back of a lorry" reminded me of a concern > I've not seen addressed, perhaps because it's very specific to my line of > work. When intruders break into computers, they very often run sniffer > programs which record passing traffic on the network. That is clearly now > an illegal interception (a good thing). BUT, when the intrusion is > discovered, the records kept by such programs can be very useful in > clearing up the mess. For one thing they allow system admins to contact > other sites where passwords may have been compromised by the sniffer > program; for another they will often also have captured at least a partial > record of the intruder's activity. In the latter case we may get > information about which vulnerability in the system was used, other systems > involved in the break in etc. It would be a great shame if we couldn't use > this information for good, but under the present law it seems very unclear > whether we can actually do so. I don't see why you cannot use it. The intruder has kindly left you some buckshee information. May be it even mentioned some real people, but since you did not create the data you can hardly break the DPA by using it. I cannot see that interacting with other victims amounts to "interception" on your part, and in any case it should be covered by S3(3). Indeed, you are in a better position that Plod who obtained similar information with warranted interception, because you can use it as evidence in Court. Indeed Plod can use it in evidence in COurt if it came from the back of a lorry. Charles H. Lindsey ---------At Home, doing my own thing------------------------ Email: chl@clw.cs.man.ac.uk Web: http://www.cs.man.ac.uk/~chl Voice/Fax: +44 161 436 6131 Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 From Richard.Cox@mandarin.org Mon, 20 Nov 2000 11:45 +0000 (GMT Standard Time) Date: Mon, 20 Nov 2000 11:45 +0000 (GMT Standard Time) From: Richard D G Cox Richard.Cox@mandarin.org Subject: May be of interest ... FBI Surveillance Tool Questioned By D. IAN HOPPER, Associated Press Writer WASHINGTON (AP) - The FBI's controversial e-mail surveillance tool, known as Carnivore, can retrieve all communications that go through an Internet service - far more than FBI officials have said it does - a recent test of its potential sweep found, according to bureau documents. An FBI official involved with the test stressed Friday that although Carnivore has the ability to grab a large quantity of e-mails and Web communications, current law and specific court orders restrict its use. Nevertheless, privacy experts said they are worried about the breadth of Carnivore's capability and questioned why the FBI even conducted such a test in June if it intends to use the tool only for narrow purposes. "That really contradicts the explanation that the FBI has provided as to the purpose of the system and how it works," said David Sobel, general counsel for the Washington-based Electronic Privacy Information Center. "We've been led to believe that the purpose of Carnivore is to filter and pinpoint the particular communications that the FBI is authorized to obtain. If that's true, then why are they testing the system's ability to store and archive everything?" Sobel's group recently obtained the FBI documents providing the test results as part of litigation it brought under the Freedom of Information Act. In the lab report, FBI officials said Carnivore "could reliably capture and archive all unfiltered traffic to the internal hard drive" and could save the information on removable high-capacity disks as well. Marcus Thomas, head of the FBI's cybertechnology section, said in an interview with The Associated Press that the test was only done to check Carnivore's "breaking point." He said the tool wouldn't be used to capture broad swaths of Internet communications in a real-world situation. Thomas was one of the FBI agents who approved the lab report. "Certainly, in operation, you could set the filters up to do nothing," Thomas said. "But our procedures are very detailed, we'll only do what we're allowed to in a court order." The difference of opinion is the latest in what has become a debate between Carnivore's capabilities and its actual use. While law enforcement officials have admitted that Carnivore can capture much more than e-mail, including Internet chats and Web browsing, FBI officials insist it is only used to copy e-mail to or from a criminal suspect in accordance with a court order. Opponents say the "black box" nature of the system keeps the public from knowing what it can really do, and its installation at an Internet provider may cause network problems. The Electronic Privacy Information Center started receiving batches of Carnivore-related material in October, after a court ordered the FBI to release the information. EPIC representatives said they have received about 550 pages so far, and expect to get only about 30 percent of the 3,000 documents related to Carnivore. Most of the release documents have large portions blacked out. FBI officials say Carnivore has been used in about 25 cases, most involving national security. Congress considered several measures this year to rein in Carnivore, but none survived. Lawmakers have said that they may consider measures again next year. An independent review of Carnivore was ordered by Attorney General Janet Reno, and that report was due to be received by the Justice Department on Friday, Justice spokeswoman Chris Watney said. Watney said the report is expected to be released to the public early next week, after it is edited to eliminate references to Carnivore's internal blueprints and other sensitive material. From k.brown@ccs.bbk.ac.uk Tue, 21 Nov 2000 11:09:55 +0000 Date: Tue, 21 Nov 2000 11:09:55 +0000 From: Ken Brown k.brown@ccs.bbk.ac.uk Subject: Living with R.I.P. Imagine someone breaks into my house, steals stuff, and drops his bag on the way out. In it is a paper with a list of addresses on it, including mine and yours. Do the police arrest me if I warn you? Ken Charles Lindsey wrote: > > On Mon, 20 Nov 2000 09:54:46 +0000 > Andrew Cormack said... > > > The comment about "fell of the back of a lorry" reminded me of a concern > > I've not seen addressed, perhaps because it's very specific to my line of > > work. When intruders break into computers, they very often run sniffer > > programs which record passing traffic on the network. That is clearly now > > an illegal interception (a good thing). BUT, when the intrusion is > > discovered, the records kept by such programs can be very useful in > > clearing up the mess. For one thing they allow system admins to contact > > other sites where passwords may have been compromised by the sniffer > > program; for another they will often also have captured at least a partial > > record of the intruder's activity. In the latter case we may get > > information about which vulnerability in the system was used, other systems > > involved in the break in etc. It would be a great shame if we couldn't use > > this information for good, but under the present law it seems very unclear > > whether we can actually do so. > > I don't see why you cannot use it. The intruder has kindly left you > some buckshee information. May be it even mentioned some real people, > but since you did not create the data you can hardly break the DPA by > using it. I cannot see that interacting with other victims amounts to > "interception" on your part, and in any case it should be covered by > S3(3). Indeed, you are in a better position that Plod who obtained > similar information with warranted interception, because you can use it > as evidence in Court. Indeed Plod can use it in evidence in COurt if it > came from the back of a lorry. > > Charles H. Lindsey ---------At Home, doing my own thing------------------------ > Email: chl@clw.cs.man.ac.uk Web: http://www.cs.man.ac.uk/~chl > Voice/Fax: +44 161 436 6131 Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. > PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 From chl@clw.cs.man.ac.uk Tue, 21 Nov 2000 16:01:31 +0000 (GMT) Date: Tue, 21 Nov 2000 16:01:31 +0000 (GMT) From: Charles Lindsey chl@clw.cs.man.ac.uk Subject: Living with R.I.P. On Tue, 21 Nov 2000 11:09:55 +0000 Ken Brown said... > > Imagine someone breaks into my house, steals stuff, and drops his bag on > the way out. In it is a paper with a list of addresses on it, including > mine and yours. Do the police arrest me if I warn you? No, you assume the thief is registered under the DPA, identify him in the register, and invite your friend to exercise his rights to demand a transcript of his details from the thief :-) . Charles H. Lindsey ---------At Home, doing my own thing------------------------ Email: chl@clw.cs.man.ac.uk Web: http://www.cs.man.ac.uk/~chl Voice/Fax: +44 161 436 6131 Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 From cb@fipr.org Wed, 22 Nov 2000 12:48:56 -0000 Date: Wed, 22 Nov 2000 12:48:56 -0000 From: Caspar Bowden cb@fipr.org Subject: FW: Carnivore draft report released -----Original Message----- From: owner-cryptography@c2.net [mailto:owner-cryptography@c2.net]On Behalf Of Steve Bellovin Sent: 22 November 2000 03:10 To: cryptography@c2.net Subject: Carnivore draft report released The draft Carnivore report is at http://www.usdoj.gov/jmd/publications/carniv_entry.htm I haven't checked yet to see if any of the redactions are reversible... --Steve Bellovin From cb@fipr.org Wed, 22 Nov 2000 14:22:57 -0000 Date: Wed, 22 Nov 2000 14:22:57 -0000 From: Caspar Bowden cb@fipr.org Subject: RIP Tribunal Mummery It will be recalled that Carmichael responded to the IOCA 99 consultation (http://www.homeoffice.gov.uk/oicd/wgcarmic.pdf), which sheds some light on the technical sophistication of the Tribunal -- Caspar Bowden Tel: +44(0)20 7354 2333 Director, Foundation for Information Policy Research RIP Information Centre at: www.fipr.org/rip#media http://www.parliament.the-stationery-office.co.uk/cgi-bin/htm_hl?DB=ukparl&S TEMMER=en&WORDS=regul+investigatori+power+&COLOUR=Red&STYLE=&URL=/pa/ld19969 7/ldhansrd/pdvn/lds00/text/01101w03.htm#01101w03_wqn3 1st Nov Investigatory Powers Tribunal Lord Desai asked Her Majesty's Government: What arrangements have been made for the appointment of members of the tribunal to be set up under the Regulation of Investigatory Powers Act 2000.[HL4469] Lord Bassam of Brighton: On 2 October, Her Majesty the Queen appointed eight members to the new Investigatory Powers Tribunal by Letters Patent for a period of five years. Lord Justice Mummery has been appointed as president of the tribunal and Sir Michael Burton as vice-president. The remaining six members of the tribunal are Sheriff Principal John Colin McInnes QC, Sir David Calcutt QC, Sir Richard Gaskell, Mr Robert Seabrook QC, Mr Peter Scott QC and Mr William Carmichael. From I.Brown@cs.ucl.ac.uk Wed, 22 Nov 2000 14:58:02 +0000 Date: Wed, 22 Nov 2000 14:58:02 +0000 From: Ian BROWN I.Brown@cs.ucl.ac.uk Subject: RIP Tribunal Mummery To save people's time, Carmichael's IOCA comments can be summarised as: (a) "These restraints on interception are damned inconvenient. Can't we remove them?" (specifically on surveillance of activities damaging the economic wellbeing of the UK being limited to acts or intentions of persons outside the British Islands) (b) "The rest of Europe admits intercepts in court, so can't we come up with some way that our Agencies can do this without being cross-examined on the details?" Sounds like he will make a fine member of the tribunal... From oml@eloka.demon.co.uk Wed, 22 Nov 2000 15:42:03 -0000 Date: Wed, 22 Nov 2000 15:42:03 -0000 From: Owen Lewis oml@eloka.demon.co.uk Subject: RIP Tribunal Mummery -----Original Message----- From: Ian BROWN To: ukcrypto@chiark.greenend.org.uk Cc: FIPR-AC (E-mail) Date: 22 November 2000 15:00 Subject: Re: RIP Tribunal Mummery >To save people's time, Carmichael's IOCA comments can be summarised as: > >(a) "These restraints on interception are damned inconvenient. Can't we remove >them?" (specifically on surveillance of activities damaging the economic >wellbeing of the UK being limited to acts or intentions of persons outside the >British Islands) Hmm... I think I am rather more interested in how 'economic well being' shall be determined than whether a perp is within or without the UK. > >(b) "The rest of Europe admits intercepts in court, so can't we come up with >some way that our Agencies can do this without being cross-examined on the >details?" In practice, they already have this. Tapes (intercepts) resulting from intecept under SoS warrant are not offered in evidence. Where the intercepts are acquired other than than under a SoS warrant, the tapes - the whole of such tapes as upon which the Crown shall rely for its case- are entered as evidential items and are, at the discretion of the judge, made available to a defence expeforensic examination. The same judge may afford the Crown a public interest indemnity cetificate in respect to the tapes. This means that the defence may not ask for disclosure of any detail regardig the technical means by which the material on the tapes was obtained. Whilst understanding why such certificates are given, it can add somewhat to the burden on the defence. In practice, an defence expert should be able to glean all that is necessary from detailed examinationof the tapes, other related evidence and background knowledge and experience. However, additional work is caused (for which in a criminal trial the Crown usually pays) that would otherwise be unnecessary if the facts were plainly presented. Covert intercepts make for good intelligence. They often make for poor evidence unless those running the interception and proccessing the take are properly aware that knowing something and having good evidence are not necessarily the same thing. Owen > >Sounds like he will make a fine member of the tribunal... > > > From jya@pipeline.com Wed, 22 Nov 2000 14:58:59 -0500 Date: Wed, 22 Nov 2000 14:58:59 -0500 From: John Young jya@pipeline.com Subject: Carnivore Report We offer an HTML version of the Carnivore technical review report released yesterday by the Department of Justice (without appendices): http://cryptome.org/carnivore.rev.htm (164KB text, 8 images) The original PDF report is 9.4MB, 121 pages. One notable conclusion about Carnivore's shortcomings and why its code should not be released to the public: Carnivore can be countered with simple, public-domain encryption. But it can snarf everything done by a targeted Web user, e-mail, FTP, HTTP, and you name it. And, as Nicky Hager writes today, this capability is to become the global standard if the FBI gets its way: http://www.heise.de/tp/english/special/enfo/4306/1.html From fm@st-kilda.org Wed, 22 Nov 2000 19:32:20 +0000 Date: Wed, 22 Nov 2000 19:32:20 +0000 From: Fearghas McKay fm@st-kilda.org Subject: Sealand on Radio 4's PM but not for secure colo but... Radio Hams wanting to broadcast illegally - and the UK government insisting that they have jurisdiction and unlimited fines on the way for radio hams communicating to and from Sealand. No mention of Havenco, but an interview with Prince Michael who has been handing out radio ham licences. http://news.bbc.co.uk/olmedia/cta/radioseq/pm.ram - has today's programme - the item starts around 56 mins. f From matthew@idrach.com Thu, 23 Nov 2000 08:25:06 +0000 Date: Thu, 23 Nov 2000 08:25:06 +0000 From: Matthew Pemble matthew@idrach.com Subject: Sealand on Radio 4 Doesn't anyone think this is a little fishy (bad pun but ...) Be honest, government regulation of amateur radio is something accepted by the small minority that don't completely ignore it. Establish a secure, recent precedent that Sealand is subject to UK law for anything, how ever trivial, and it is then subject to UK law for everything. Or am I being cynical (or just wrong about the legal aspects)? -- Matthew Pemble Eur Ing CEng MIEE AIMgt Technical Director Idrach Ltd Tel: + 44 (0) 7050 128620 Fax: + 44 (0) 1324 610367 Email: matthew@idrach.com Web: www.idrach.com From k.brown@ccs.bbk.ac.uk Thu, 23 Nov 2000 11:07:36 +0000 Date: Thu, 23 Nov 2000 11:07:36 +0000 From: Ken Brown k.brown@ccs.bbk.ac.uk Subject: RIP Tribunal Mummery Owen Lewis wrote: > Tapes (intercepts) resulting from intecept under SoS warrant are not offered > in evidence. Where the intercepts are acquired other than than under a SoS > warrant, the tapes - the whole of such tapes as upon which the Crown shall > rely for its case- are entered as evidential items and are, at the > discretion of the judge, made available to a defence expeforensic > examination. The same judge may afford the Crown a public interest indemnity > cetificate in respect to the tapes. This means that the defence may not ask > for disclosure of any detail regardig the technical means by which the > material on the tapes was obtained. > > Whilst understanding why such certificates are given, it can add somewhat to > the burden on the defence. In practice, an defence expert should be able to > glean all that is necessary from detailed examinationof the tapes, other > related evidence and background knowledge and experience. However, > additional work is caused (for which in a criminal trial the Crown usually > pays) that would otherwise be unnecessary if the facts were plainly > presented. Carmichael seems to be saying that a transcript of a voice tape should be sufficient evidence, if it is covered by a certificate from the Home Secretary that it was made in accordance with a warrant. The defence & the court wouldn't see the original warrant, wouldn't see the tapes, and wouldn't be told how or by whom they were made. http://www.homeoffice.gov.uk/oicd/wgcarmic.pdf includes "If the material is taped and a certified transcript served on the accused hopefully the Defence would not challenge it so there would be no need for any witnesses" They would have to be very hopeful when they served it. What would happen if the defence did challenge this evidence? ("I don't remember saying that"?) The court would have no reason, other than the certificate, to believe that it was in any way real. The only way such evidence could be used in practice is if the court was somehow directed to believe it. In effect this would give permission to the snoopers to fix anyone up without any defence. They could say that someone said such and such a thing and courts would have to accept it without any witnesses. On the evidence of this one document this is *not* a man to be trusted with protection of our liberties. Ken From cb@fipr.org Thu, 23 Nov 2000 11:31:10 -0000 Date: Thu, 23 Nov 2000 11:31:10 -0000 From: Caspar Bowden cb@fipr.org Subject: RIP Tribunal Mummery Never let it be said the Home Office doesn't have a sense of humour - my dictionary defines Mummery as "pointless or pretentious ceremonial". Seems apposite because the Tribunal will take evidence from Agencies complained of in secret hearings, without necessarily providing complainant or their lawyer with even a summary, or allowing cross-examination of that secret testimony by even a vetted "special advocate" supposed to look after the complainant's interest. Hansard begins at http://www.parliament.the-stationery-office.co.uk/pa/cm199900/cmstand/deleg1 /st001030/01030s01.htm -- Caspar Bowden Tel: +44(0)20 7354 2333 Director, Foundation for Information Policy Research RIP Information Centre at: www.fipr.org/rip#media >-----Original Message----- >From: ukcrypto-admin@chiark.greenend.org.uk >[mailto:ukcrypto-admin@chiark.greenend.org.uk]On Behalf Of >Caspar Bowden >Sent: 22 November 2000 14:23 >To: FIPR-AC (E-mail); Ukcrypto (E-mail) >Subject: RIP Tribunal Mummery .. Lord Justice Mummery has been appointed as president of the tribunal and Sir Michael Burton as vice-president. The remaining six members of the tribunal are Sheriff Principal John Colin McInnes QC, Sir David Calcutt QC, Sir Richard Gaskell, Mr Robert Seabrook QC, Mr Peter Scott QC and Mr William Carmichael. From Pete.Chown@skygate.co.uk Thu, 23 Nov 2000 11:44:47 +0000 Date: Thu, 23 Nov 2000 11:44:47 +0000 From: Pete Chown Pete.Chown@skygate.co.uk Subject: RIP Tribunal Mummery Caspar Bowden wrote: > It will be recalled that Carmichael [who has now been appointed to > the IOCA tribunal] responded to the IOCA 99 consultation ... I understood the Tribunal to have a judicial role, even though it sits in secret. It seems rather odd, then, for someone to be appointed to it who has already made his views public. For example Lord Hoffman couldn't participate in the Pinochet case because of his links with Amnesty International. Am I missing something obvious here? -- Pete From owen.blacker@pres.co.uk Thu, 23 Nov 2000 17:58:39 -0000 Date: Thu, 23 Nov 2000 17:58:39 -0000 From: Owen Blacker owen.blacker@pres.co.uk Subject: RIP Tribunal Mummery -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 No, IIRC, he *chose* not to participate in the Pinochet because of his links with AI. I don't believe he was precluded from doing so, merely that (in the interests of transparency and all that) he chose to exclude himself... O x - ----- Owen Blacker Senior Internet Developer and InfoSec Consultant, pres.co I now have new PGP keys -- qv http://www.owens-place.org.uk/pgp.html Sig 0x00036874 | d39f b776 fa20 c125 b0e2 aa6d 555e 4126 0003 6874 > -----Original Message----- > From: Pete Chown [mailto:Pete.Chown@skygate.co.uk] > Sent: Thursday, November 23, 2000 11:45 AM > To: ukcrypto@chiark.greenend.org.uk > Subject: Re: RIP Tribunal Mummery > > > Caspar Bowden wrote: > > > It will be recalled that Carmichael [who has now been appointed > > to the IOCA tribunal] responded to the IOCA 99 consultation ... > > I understood the Tribunal to have a judicial role, even though it > sits in secret. It seems rather odd, then, for someone to be > appointed to it who has already made his views public. For example > Lord Hoffman couldn't participate in the Pinochet case because of > his links with Amnesty International. > > Am I missing something obvious here? > > -- > Pete > > > > > ____________________________________________________________________ > _ This message has been checked for all known viruses by UUNET > delivered > through the MessageLabs Virus Control Centre. For further > information visit > http://www.uk.uu.net/products/security/virus/ > -----BEGIN PGP SIGNATURE----- Version: PGP 7.0 Comment: Due to RIP, pls check for revocation before using this key! iQA/AwUBOh1bFVVeQSYAA2h0EQLEAgCgsvR2R/EN/C8xiw/7iHm/qYpUMxYAn2I8 dh7HUbhUfAzpvXLmtqxSwYIY =PVx0 -----END PGP SIGNATURE----- _____________________________________________________________________ This message has been checked for all known viruses by UUNET delivered through the MessageLabs Virus Control Centre. For further information visit http://www.uk.uu.net/products/security/virus/ From oml@eloka.demon.co.uk Thu, 23 Nov 2000 18:59:37 -0000 Date: Thu, 23 Nov 2000 18:59:37 -0000 From: Owen Lewis oml@eloka.demon.co.uk Subject: RIP Tribunal Mummery -----Original Message----- From: Ken Brown To: ukcrypto@chiark.greenend.org.uk Date: 23 November 2000 11:09 Subject: Re: RIP Tribunal Mummery >Owen Lewis wrote: > >> Tapes (intercepts) resulting from intecept under SoS warrant are not offered >> in evidence. Where the intercepts are acquired other than than under a SoS >> warrant, the tapes - the whole of such tapes as upon which the Crown shall >> rely for its case- are entered as evidential items and are, at the >> discretion of the judge, made available to a defence expeforensic >> examination. The same judge may afford the Crown a public interest indemnity >> cetificate in respect to the tapes. This means that the defence may not ask >> for disclosure of any detail regardig the technical means by which the >> material on the tapes was obtained. >> >> Whilst understanding why such certificates are given, it can add somewhat to >> the burden on the defence. In practice, an defence expert should be able to >> glean all that is necessary from detailed examinationof the tapes, other >> related evidence and background knowledge and experience. However, >> additional work is caused (for which in a criminal trial the Crown usually >> pays) that would otherwise be unnecessary if the facts were plainly >> presented. > >Carmichael seems to be saying that a transcript of a voice tape should >be sufficient evidence, if it is covered by a certificate from the Home >Secretary that it was made in accordance with a warrant. The defence & >the court wouldn't see the original warrant, wouldn't see the tapes, >and wouldn't be told how or by whom they were made. > >http://www.homeoffice.gov.uk/oicd/wgcarmic.pdf includes "If the material >is taped and a certified transcript served on the accused hopefully the >Defence would not challenge it so there would be no need for any >witnesses" Well, in my view that is just wishful thinking. In a fair number of cases the defence will not be doing its job not to challenge robustly any such service. It would seem that Mr Carmichael is without first hand experience of the quality of recordings covertly obtained and the quality of transcripts that can be obtained from them - even less does one imagine he has ever tried to create an accurate verbatim transcript. I don't think I have ever seen a perfect, unchallengable transcription. They can be described as someone's best effort to interpret sounds heard. Often the discrepancies between what one listener and another will hear are inconsequential and sometimes they are notnot. There are occasional errors even in the transcription of court proceedings, made from under near ideal circumstances, as is clear to any who has read them the question is whether the difference is material. Sometimes it might be though most times it is not. For example if the spoken word 'beach' is transcribed as 'beech' that alters meaning but the correct meaning can only be derived from the context and not from the sound itself. Without a context, either transcription is equally valid. Given a Latin accent, it is quite possible for 'bitch' also to be transcribed as either 'beach'or 'beech'. Where accent is heavy and English not the mother tongue, sometimes the context too can be no more than guesses - in other words, rendered as the transcriber decides best. You might or might not be surprised to know some of the words that end up being transcribed as 'bomb'. So much for accurate automatic search of audio streams for key words. If this all sounds a bit trivial, well, so it sometimes can be but not always so. Imagine a case where on a guilty finding the accused wouldl be sent down for in excess of 15 years. The key evidence that would nail him, the lynch pin in the Crown case, was whether or not he did say a name as the Crown claimed that he did, as shown in the transcript. Now, the quality of the original recording was so bad as to make what he did, in fact, say to be anyone's guess. However, a spectrogram of that single word showed, beyond dispute, that what he did say - what ever it was - had three syllables. The key word that would have been required to convict him had but one syllable and simply could not be contorted to simulate three. Yet it appeared in the transcript as the one syllable name. And, yes, the case against him did collapse. Covert recordings, at least as they are presently made and handled make lousy (though often enthralling) evidence and well deserve many of the challenges they cause. To do away with the rights both to challenge and to critical expert examination is to allow the Crown - not necessarily with malice - to write the verdict in cases where covert recordings are essential to its case. This is but one very small step away from dispensing with the nicety of any trial at all. 'Trial' has a plain meaning to a plain man. It is the case against an accused that is tested and not the accused in person. That may sound old fashioned and fanciful but, in my opinion and experience of many corners of this world, it provides a fundamental bastion against oppression through wrongful conviction. >They would have to be very hopeful when they served it. What would >happen if the defence did challenge this evidence? ("I don't remember >saying that"?) Hmmm.. Turning my hat around, it is not unknown for an accused simply to deny that it is his voice on the tape at all and to ask that an expert be found to give evidence to that effect. Strangely, I know of none who, when the simple tests required were explained to them and that no expert intends to commit perjury on their behalf, has chosen even to proceed to testing. >The court would have no reason, other than the >certificate, to believe that it was in any way real. The only way such >evidence could be used in practice is if the court was somehow directed >to believe it. In effect this would give permission to the snoopers to >fix anyone up without any defence. They could say that someone said such >and such a thing and courts would have to accept it without any >witnesses. That seems a pretty fair summation. >On the evidence of this one document this is *not* a man to >be trusted with protection of our liberties. Not necessarily. Good and able men often only entertain the highest motives, in others as well as for themselves. In this way virtue can be led towards vice through no more than innocence. What does seem necessary is that the technical uncertainties and where those uncertainties may lead should be explained in some detail to the good C and others of his persuasion. He should be assured that, if he is open to hear it, there is quite another,larger and contrary consideration that that upon which he presently fixes. If he is a fair man he will then need no persuasion (and far less personal denigration) to revise his view. One hopes that he enquire widely into the matter before pronouncing further. The contrary evidence is available should he only be prepared to hear it. Owen From david@swarb.freeuk.com Thu, 23 Nov 2000 19:17:57 -0000 Date: Thu, 23 Nov 2000 19:17:57 -0000 From: David Swarbrick david@swarb.freeuk.com Subject: RIP Tribunal Mummery -- David Swarbrick, Solicitor, Brighouse, West Yorkshire HD6 1RW T: +44(0)1484 722531 F: +44(0)1484 716617 m: david@swarb.freeuk.com w: www.swarb.co.uk The Law Society Regulates us in the conduct of investment business In practice, an defence expert > should be able to > > glean all that is necessary from detailed examinationof the tapes, other > > related evidence and background knowledge and experience. However, > > additional work is caused (for which in a criminal trial the > Crown usually > > pays) that would otherwise be unnecessary if the facts were plainly > > presented. > > > Carmichael seems to be saying that a transcript of a voice tape should > be sufficient evidence, if it is covered by a certificate from the Home > Secretary that it was made in accordance with a warrant. The defence & > the court wouldn't see the original warrant, wouldn't see the tapes, > and wouldn't be told how or by whom they were made. > > http://www.homeoffice.gov.uk/oicd/wgcarmic.pdf includes "If the material > is taped and a certified transcript served on the accused hopefully the > Defence would not challenge it so there would be no need for any > witnesses" > > They would have to be very hopeful when they served it. What would > happen if the defence did challenge this evidence? ("I don't remember > saying that"?) The court would have no reason, other than the > certificate, to believe that it was in any way real. I always remember a representative from Dictaphone trying to sell me a tape recorder designed to get rid of 'that annoying voice' in the background of a police interview tape. I should buy one he suggested, just like Huddersfiekd Police Station had bought one. I wonder why they might need one? From oml@eloka.demon.co.uk Thu, 23 Nov 2000 19:18:05 -0000 Date: Thu, 23 Nov 2000 19:18:05 -0000 From: Owen Lewis oml@eloka.demon.co.uk Subject: RIP Tribunal Mummery -----Original Message----- From: Owen Blacker To: 'ukcrypto@chiark.greenend.org.uk' Date: 23 November 2000 18:01 Subject: RE: RIP Tribunal Mummery > >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >No, IIRC, he *chose* not to participate in the Pinochet because of >his links with AI. I don't believe he was precluded from doing so, >merely that (in the interests of transparency and all that) he chose >to exclude himself... There was much discussion of this in uk.legal and elsewhere at the time. Lord H did sit as one of the Law Lords who first decided that P could be extradited. ISTR this was a split decision with a majority of one, effectively making H's affirmative opinion decisive. When his close association with AI was disclosed, the House decided for set aside its finding and to hear the matter for a second time. I believe that this is unique in the annals of modern English justice. Though no one cast aspersions of H's motives - or on his opinion - it is generally held that it was a grave mistake that he did not debar himself from hearing the case. In my humble view, the more fundamental mistake is that *any* judge should associate himself with any group likely to be concerned with legal proceedings. It matters not how worthy the aims of any such organisation may seem to be. The judiciary needs not only to be independent but to be seen as independent. Surely, we are all entitled to our views but on acceding to certain offices, of which that of Judge is one, these views are best put aside and kept strictly private. Owen (^2 :-)) > From cb@fipr.org Thu, 23 Nov 2000 23:41:49 -0000 Date: Thu, 23 Nov 2000 23:41:49 -0000 From: Caspar Bowden cb@fipr.org Subject: Grim Humour YouGov 23/11/2000 Charles Clarke defends Labour's record on civil liberties http://www.yougov.com/news.html?news.id=10009739&context=e HOME OFFICE Minister Charles Clarke has hit back at suggestions that the Blair Government is more illiberal than its Thatcherite predecessor. The Norwich South MP, tipped by some to step into Jack Straw's boots in a forthcoming reshuffle, has said that he finds the idea that New Labour is more illiberal than the Thatcher Government "absolutely laughable". "You can say in the Freedom of Information Act for example, that it's not as good as some people would like, but it's a lot different to anything the Thatcher Government would have proposed." He denied that there was ever a problem in the RIP Act - covering the Government's email snooping powers - with the so-called reversal of the burden of proof, even though an amendment was made in the Lords which effectively corrected the reversal. When asked why the amendment was made if there was never any problem with the Bill, Mr Clarke blamed the Lib Dems "who argue for the lawyer position as they always do". "Parliamentary arithmetic," Mr Clarke said, was the reason for an amendment to a Bill with which he "didn't accept there was a problem in the first place." .... From cb@fipr.org Fri, 24 Nov 2000 01:36:40 -0000 Date: Fri, 24 Nov 2000 01:36:40 -0000 From: Caspar Bowden cb@fipr.org Subject: Burden of prrof re-opened by Clarke ? (was Grim Humour.. {"Parliamentary arithmetic," Mr Clarke said, was the reason for an amendment to a Bill with which he "didn't accept there was a problem in the first place."} We have linked up with annotations and references to Lords Committee stage at www.fipr.org/rip/#ClarkingDevice (and the full interview is at http://www.yougov.com/news.html?news.id=10009739&context=e and the Hansard is at http://www.parliament.the-stationery-office.co.uk/cgi-bin/htm_hl?DB=ukparl&S TEMMER=en&WORDS=rais+issu+still+possess+kei+&COLOUR=Red&STYLE=&URL=/pa/ld199 900/ldhansrd/pdvn/lds00/text/00628-27.htm#00628-27_spnew4) -- Caspar Bowden Tel: +44(0)20 7354 2333 Director, Foundation for Information Policy Research RIP Information Centre at: www.fipr.org/rip#media From ben@algroup.co.uk Fri, 24 Nov 2000 10:09:24 +0000 Date: Fri, 24 Nov 2000 10:09:24 +0000 From: Ben Laurie ben@algroup.co.uk Subject: Projector? So, has anyone got a VGA projector they can lend for Cryptuk next week? Explaining how to use OpenSSL without one may prove troublesome! Cheers, Ben. -- http://www.apache-ssl.org/ben.html "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff From roland@linx.net Fri, 24 Nov 2000 10:28:16 +0000 Date: Fri, 24 Nov 2000 10:28:16 +0000 From: Roland Perry roland@linx.net Subject: Sealand on Radio 4's PM In article , Fearghas McKay writes > but not for secure colo but... > >Radio Hams wanting to broadcast illegally - and the UK government >insisting that they have jurisdiction and unlimited fines on the way >for radio hams communicating to and from Sealand. > >No mention of Havenco, but an interview with Prince Michael who has >been handing out radio ham licences. > >http://news.bbc.co.uk/olmedia/cta/radioseq/pm.ram - has today's >programme - the item starts around 56 mins. I heard that programme too (there is after all some benefit in being forced off the trains into my car). And I thought it sounded like a pre- RIP softening up. But it completely begged the question of why the amateurs in question didn't get a UK amateurs licence *too* [which would surely be trivial for them] in order to cover their backs. -- Roland Perry | tel: +44 1733 207705 | roland@linx.org Interim CEO | fax: +44 1733 207729 | http://www.linx.net London Internet Exchange | mbl: +44 7050 604080 | /contact/roland From ben@algroup.co.uk Fri, 24 Nov 2000 10:50:53 +0000 Date: Fri, 24 Nov 2000 10:50:53 +0000 From: Ben Laurie ben@algroup.co.uk Subject: Grim Humour Caspar Bowden wrote: > "Parliamentary arithmetic," Mr Clarke said, was the reason for an amendment > to a Bill with which he "didn't accept there was a problem in the first > place." That democracy thing ... its so inconvenient! Cheers, Ben. -- http://www.apache-ssl.org/ben.html "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff From cb@fipr.org Fri, 24 Nov 2000 10:54:21 -0000 Date: Fri, 24 Nov 2000 10:54:21 -0000 From: Caspar Bowden cb@fipr.org Subject: Sealand on Radio 4's PM >[mailto:ukcrypto-admin@chiark.greenend.org.uk]On Behalf Of Roland Perry .. >>http://news.bbc.co.uk/olmedia/cta/radioseq/pm.ram - has today's >>programme - the item starts around 56 mins. ...but unfortunately there is only 18 seconds there! -- Caspar Bowden Tel: +44(0)20 7354 2333 Director, Foundation for Information Policy Research RIP Information Centre at: www.fipr.org/rip#media From I.Brown@cs.ucl.ac.uk Fri, 24 Nov 2000 10:55:31 +0000 Date: Fri, 24 Nov 2000 10:55:31 +0000 From: Ian BROWN I.Brown@cs.ucl.ac.uk Subject: Grim Humour Ben wrote: >That democracy thing ... its so inconvenient! Ironically, the "democratic" representatives in the Commons bleated their way through the Government lobby with few reservations... It was plutocracy that saved us on this one! From davidh@spidacom.co.uk Fri, 24 Nov 2000 14:10:18 -0000 Date: Fri, 24 Nov 2000 14:10:18 -0000 From: David Hansen davidh@spidacom.co.uk Subject: RIP Tribunal Mummery On 23 Nov 00, at 19:18, Owen Lewis wrote: > In my humble view, the more fundamental > mistake is that *any* judge should associate himself with any group > likely to be concerned with legal proceedings. Then judges would be involved with very few groups. As well as being an infringement on the right of judges to do whatever they like in thier private time such a move would make judges even less human than they appear to be currently. David Hansen | davidh@spidacom.co.uk | PGP email preferred Edinburgh | CI$ number 100024,3247 | key number F566DA0E From david@swarb.freeuk.com Fri, 24 Nov 2000 16:21:00 -0000 Date: Fri, 24 Nov 2000 16:21:00 -0000 From: David Swarbrick david@swarb.freeuk.com Subject: RIP Tribunal Mummery I agree. Judges are far too often accused of being remote from the world. Amnesty is directly concerned with justice issues, and is appropriate for a judge (and certainly for hs wife). -- David Swarbrick, Solicitor, Brighouse, West Yorkshire HD6 1RW T: +44(0)1484 722531 F: +44(0)1484 716617 m: david@swarb.freeuk.com w: www.swarb.co.uk The Law Society Regulates us in the conduct of investment business > -----Original Message----- > From: ukcrypto-admin@chiark.greenend.org.uk > [mailto:ukcrypto-admin@chiark.greenend.org.uk]On Behalf Of David Hansen > Sent: 24 November 2000 14:10 > To: ukcrypto@chiark.greenend.org.uk > Subject: Re: RIP Tribunal Mummery > > > On 23 Nov 00, at 19:18, Owen Lewis wrote: > > > In my humble view, the more fundamental > > mistake is that *any* judge should associate himself with any group > > likely to be concerned with legal proceedings. > > Then judges would be involved with very few groups. As well as > being an infringement on the right of judges to do whatever they like > in thier private time such a move would make judges even less > human than they appear to be currently. > > > > > David Hansen | davidh@spidacom.co.uk | PGP email preferred > Edinburgh | CI$ number 100024,3247 | key number F566DA0E > > > > > From benc@hawaga.org.uk Tue, 7 Nov 2000 12:53:44 +0000 (UCT) Date: Tue, 7 Nov 2000 12:53:44 +0000 (UCT) From: Ben Clifford benc@hawaga.org.uk Subject: GPL in the UK On Tue, 7 Nov 2000, Quentin Campbell wrote: > Financial journalists have pointed out that what is vastly more effective > as a protest would be to flood the banking system with cheques so that the > cheque clearing system collapses. > Writing a cheque is lawful and, as a means of protest, in the hands of > almost everyone who drives a car. The British Museum has a "poll tax" chequebook on display in its money section. This is a cheque book with spaces for you to fill in all your details, but it doesn't have the magic machine readable symbols at the bottom so can't be automatically sorted. The idea was to pay for you poll tax with them. Only problem is that I imagine most petrol shops won't take them :-( -- http://www.hawaga.org.uk/ From oml@eloka.demon.co.uk Fri, 24 Nov 2000 19:52:07 -0000 Date: Fri, 24 Nov 2000 19:52:07 -0000 From: Owen Lewis oml@eloka.demon.co.uk Subject: RIP Tribunal Mummery -----Original Message----- From: David Swarbrick To: ukcrypto@chiark.greenend.org.uk Date: 24 November 2000 16:25 Subject: RE: RIP Tribunal Mummery >Amnesty is directly concerned with justice issues, and is appropriate for a >judge (and certainly for hs wife). > But it was his name (rank and official title) he lent to their letterhead and not his wife's. Had he been plain Abe Hoffmann, kosher butcher, housewife or solr of East Cheam, it is unlikely that Amnesty would have solicited his station in life for their letterhead. There is absolutely no difference in principle between a judge who lends the gravitas of his rank and office to The Flat Earth Society, Amnesty International or the National Socialists. In each case he will lend something that is not his to give and will weaken his judicial position (though not perhaps his social standing) in so doing. Any perception you or I might have of the 'rightness' of any or all af these caused is unlikely to be shared by all others and is simply no justification for the holder of a senior judicial office publicly to support any of them. Owen > >-- >David Swarbrick, Solicitor, Brighouse, West Yorkshire HD6 1RW >T: +44(0)1484 722531 F: +44(0)1484 716617 m: david@swarb.freeuk.com w: >www.swarb.co.uk >The Law Society Regulates us in the conduct of investment business > >> -----Original Message----- >> From: ukcrypto-admin@chiark.greenend.org.uk >> [mailto:ukcrypto-admin@chiark.greenend.org.uk]On Behalf Of David Hansen >> Sent: 24 November 2000 14:10 >> To: ukcrypto@chiark.greenend.org.uk >> Subject: Re: RIP Tribunal Mummery >> >> >> On 23 Nov 00, at 19:18, Owen Lewis wrote: >> >> > In my humble view, the more fundamental >> > mistake is that *any* judge should associate himself with any group >> > likely to be concerned with legal proceedings. >> >> Then judges would be involved with very few groups. As well as >> being an infringement on the right of judges to do whatever they like >> in thier private time such a move would make judges even less >> human than they appear to be currently. >> >> >> >> >> David Hansen | davidh@spidacom.co.uk | PGP email preferred >> Edinburgh | CI$ number 100024,3247 | key number F566DA0E >> >> >> >> >> > > > From oml@eloka.demon.co.uk Fri, 24 Nov 2000 19:32:00 -0000 Date: Fri, 24 Nov 2000 19:32:00 -0000 From: Owen Lewis oml@eloka.demon.co.uk Subject: RIP Tribunal Mummery -----Original Message----- From: David Hansen To: ukcrypto@chiark.greenend.org.uk Date: 24 November 2000 14:13 Subject: Re: RIP Tribunal Mummery >On 23 Nov 00, at 19:18, Owen Lewis wrote: > >> In my humble view, the more fundamental >> mistake is that *any* judge should associate himself with any group >> likely to be concerned with legal proceedings. > >Then judges would be involved with very few groups. Quite so. The fewer the better, >As well as >being an infringement on the right of judges to do whatever they like >in thier private time such a move would make judges even less >human than they appear to be currently. I don't want judges to appear human. I want them to be (and appear to be) able, just and without decared partialities. The rest of us can be D&D, eco-warriors, troilists or heir to any of the other signs of humanity we so treasure. Owen From ghira@mistral.co.uk 24 Nov 2000 21:31:24 +0000 Date: 24 Nov 2000 21:31:24 +0000 From: Adam Atkinson ghira@mistral.co.uk Subject: RIP Tribunal Mummery On 24-Nov-00 19:52:07, Owen Lewis said: >Any perception you or I might have of the 'rightness' of any or all af these >caused is unlikely to be shared by all others and is simply no justification >for the holder of a senior judicial office publicly to support any of them. I hope none of them are openly members of any religion, then. Surely judges' opinions become pretty obvious from the judgements they make? -- Adam Atkinson (ghira@mistral.co.uk) ZOOGE From nbohm@ernest.net Sat, 25 Nov 2000 12:59:24 +0000 Date: Sat, 25 Nov 2000 12:59:24 +0000 From: Nicholas Bohm nbohm@ernest.net Subject: RIP Tribunal Mummery At 02:10 PM 11/24/2000 -0000, David Hansen wrote: >On 23 Nov 00, at 19:18, Owen Lewis wrote: > >> In my humble view, the more fundamental >> mistake is that *any* judge should associate himself with any group >> likely to be concerned with legal proceedings. > >Then judges would be involved with very few groups. As well as >being an infringement on the right of judges to do whatever they like >in thier private time such a move would make judges even less >human than they appear to be currently. I agree. I believe Lord Hoffman joined an Amnesty International subsidiary as an outside independent board member not otherwise involved in Amnesty, and if I am right about this it is perhaps ironic that it was this association that led to all the fuss. (I nevertheless agree that he should not have heard the Pinochet case with Amnesty taking part.) Regards, Nicholas Bohm Salkyns, Great Canfield, Takeley, Bishop's Stortford CM22 6SX, UK Phone 01279 871272 (+44 1279 871272) Fax 01279 870215 (+44 1279 870215) Mobile 07715 419728 (+44 7715 419728) PGP RSA 1024 bit public key ID: 0x08340015. Fingerprint: 9E 15 FB 2A 54 96 24 37 98 A2 E0 D1 34 13 48 07 PGP DSS/DH 1024/3072 public key ID: 0x899DD7FF. Fingerprint: 5248 1320 B42E 84FC 1E8B A9E6 0912 AE66 899D D7FF From davidh@spidacom.co.uk Sun, 26 Nov 2000 14:07:52 -0000 Date: Sun, 26 Nov 2000 14:07:52 -0000 From: David Hansen davidh@spidacom.co.uk Subject: RIP Tribunal Mummery On 24 Nov 00, at 19:32, Owen Lewis wrote: > >> mistake is that *any* judge should associate himself with any group > >> likely to be concerned with legal proceedings. > > > >Then judges would be involved with very few groups. > > Quite so. The fewer the better, In Edinburgh the civic trust (the Cockburn Association) has, for historical reasons, the involvement of many judges. Most are just members, but some have positions on the Cockburn Council. The Association has for a very long time been involved in preventing the vandals in the Council and University from doing their worst. This has often involved legal proceedings and semi-legal proceedings. I see no reason why the judges should be prevented from doing any of this. David Hansen | davidh@spidacom.co.uk | PGP email preferred Edinburgh | CI$ number 100024,3247 | key number F566DA0E From peter.fairbrother@ntlworld.com Sun, 26 Nov 2000 22:31:52 +0000 Date: Sun, 26 Nov 2000 22:31:52 +0000 From: Peter Fairbrother peter.fairbrother@ntlworld.com Subject: Moot!, RIPA type laws and spy-type cryptographers Few beers along, here's the news and a question for you night-owls News: Moot!'s website is coming next week, it looks really good, finished except for the initial security analysis (the most important bit, of course it wouldn't be finished on time *me) and a few tweaks. Anyone want to host Moot!? 20M now, 200M ftp from Feb. Reliable server, we don't know how LE might react. Mirrors very welcome. Moot!'s always appreciative of help. Question: I was writing a FAQ for Moot! and came up with this, has anybody got a better answer to Q7? Q6--------Are all these laws part of a FBI plot? I doubt it, but the rumour is not totally without foundation. It does seem that the FBI is at least involved in all of them. Q7--------How come governments are making stupid laws that are so easy to circumvent? It's not that easy, but while people have complained that we are doing this the wrong way, that our method is too complicated and that we have made mistakes, no-one has said that what we are doing is impossible. I guess governments don't know enough cryptography, but why the opinions of spy-type cryptographers seem to have been ignored is a mystery. Maybe they aren't very good cryptographers - unlikely, they'd have to be terrible - maybe they have quantum computers and can crack any code, maybe they're running a double bluff, maybe governments are running a bluff, maybe governments are just not listening. Who knows? I'd bet on government/law-enforcement bluff, ignorance, trend-following and wilful deafness. GCHQ and NSA don't seem to be involved much... If so, and if FBI is running it based on bluff, FBI's going to be in disfavour with some embarrased governments, and NSA and GCHQ who will be annoyed at them for the increased awareness of cryptography. - maybe not, maybe there's a triple(?) bluff going on, they are after all most useful when people are using cryptography which those people think is unbreakable but which - (after all, despite Enigma etc., we have had unbreakable codes since before the First World War) - they can break. You wish. Suffrin' from they ni-co-teen withdrawls, yet agin', Peter From oml@eloka.demon.co.uk Sun, 26 Nov 2000 21:46:59 -0000 Date: Sun, 26 Nov 2000 21:46:59 -0000 From: Owen Lewis oml@eloka.demon.co.uk Subject: RIP Tribunal Mummery -----Original Message----- From: Adam Atkinson To: Owen Lewis Date: 24 November 2000 21:36 Subject: Re: RIP Tribunal Mummery >On 24-Nov-00 19:52:07, Owen Lewis said: > >>Any perception you or I might have of the 'rightness' of any or all af these >>caused is unlikely to be shared by all others and is simply no justification >>for the holder of a senior judicial office publicly to support any of them. > >I hope none of them are openly members of any religion, then. Their private beliefs are their business and should remain private. IMO, it would be wrong for a judge to work part-time in or lend his name and the gravitas of his office to (say) an evangelical Christian mission working in the Bangladeshi district of Bradford to save their benighted souls through conversion and Christian baptism. You take the point? >Surely judges' opinions become pretty obvious from the judgements they >make? I think that is a fairly common misconception among those who do not observe judges at work. To the extent that it may be true in any particular is simply a measure of the shortcoming of that judge at that time. Judgements have been overturned or set aside because of such. To wit, the HL first judgement re Pinochet. Owen > >-- >Adam Atkinson (ghira@mistral.co.uk) >ZOOGE > > > From oml@eloka.demon.co.uk Sun, 26 Nov 2000 23:02:10 -0000 Date: Sun, 26 Nov 2000 23:02:10 -0000 From: Owen Lewis oml@eloka.demon.co.uk Subject: RIP Tribunal Mummery -----Original Message----- From: David Hansen To: ukcrypto@chiark.greenend.org.uk Date: 26 November 2000 14:08 Subject: Re: RIP Tribunal Mummery >On 24 Nov 00, at 19:32, Owen Lewis wrote: > >> >> mistake is that *any* judge should associate himself with any group >> >> likely to be concerned with legal proceedings. >> > >> >Then judges would be involved with very few groups. >> >> Quite so. The fewer the better, > >In Edinburgh the civic trust (the Cockburn Association) has, for >historical reasons, the involvement of many judges. Most are just >members, but some have positions on the Cockburn Council. The >Association has for a very long time been involved in preventing the >vandals in the Council and University from doing their worst. This >has often involved legal proceedings and semi-legal proceedings. > >I see no reason why the judges should be prevented from doing any >of this. Answered elsewhere. But one assumes that they have sat in judgement on none of those legal proceedings - or are their judgements in such matters waiting to be thrown out? To what extent, would you argue, that for public expression of their personal proclivities, their emoluments as a public office holder should be reduced , by virtue of a wilful reduction of their ability to exercise their office to the full? Owen From oml@eloka.demon.co.uk Sun, 26 Nov 2000 22:50:59 -0000 Date: Sun, 26 Nov 2000 22:50:59 -0000 From: Owen Lewis oml@eloka.demon.co.uk Subject: RIP Tribunal Mummery -----Original Message----- From: Nicholas Bohm To: ukcrypto@chiark.greenend.org.uk Date: 25 November 2000 13:24 Subject: Re: RIP Tribunal Mummery >At 02:10 PM 11/24/2000 -0000, David Hansen wrote: >>On 23 Nov 00, at 19:18, Owen Lewis wrote: >> >>> In my humble view, the more fundamental >>> mistake is that *any* judge should associate himself with any group >>> likely to be concerned with legal proceedings. >> >>Then judges would be involved with very few groups. As well as >>being an infringement on the right of judges to do whatever they like >>in thier private time such a move would make judges even less >>human than they appear to be currently. > >I agree. I believe Lord Hoffman joined an Amnesty International subsidiary >as an outside independent board member not otherwise involved in Amnesty, >and if I am right about this it is perhaps ironic that it was this >association that led to all the fuss. My understanding is that he lent his name and thus the gravitas of his office to their letterhead. A private person is entitled to form what partialities and associations as they wish and are lawful. A problem arises only when that same person holds public office. If he then publicly demonstrates a partiality for any cause, he lends that cause not just his own name (which is his to do with as he wills) but, in some measure, lends it also the weight and prestige of his office. The more senior the office the greater the weight lent. It is this that I question. If a holder of senior public office wishes, on condition of anonymity, to donate 1,000 a year to a cause he approves of, that is entirely between him and his conscience. However, IMHO, the public office holder is very unwise to lend, albeit indirectly, the weight of his office to the cause of his choice. As indicated in a previous post, it is not usual for those whose names and ranks are used by organisations for marketing and other non-executive functions to be selected by the organisation for reasons of who they are but rather for *what* they are. The holder of a public office usually does so on sufferance. Even where that may not be so (as in the case of a judge?) the holder has no right to lend the weight of his office to any other party. No part of his office as Lord-High-Everything-Else is his (or should be his) to dispose of at a personal whim; he is in stewardship only of the office. If the cost of such public impartiality is the shedding, as far as is visible, of the personal partailities that we commonly take as an expression of the human condition, so be it. That is but one part of the burden of public duty for which the public will give office holders no thanks but for which sacrifice it should be grateful than it knows. >(I nevertheless agree that he should >not have heard the Pinochet case with Amnesty taking part.) One should not make too much ot the matter but what even the good Lord's most ardent supporters seem unable to do is to explain how a man of such intelligence, sensibility, probity, experience and position could ever have thought that he should have heard the case. For those who find overt support of a senior law officer for Amnesty International to be self-evidential moral rectitude and therefore only praisworthy, let them substitute BNP for AI and see if they will still argue the same way. The act of the officer is the same in either case. All that can possibly change is the opinion of the observer. Now, that's a good way to run a mob. It's no way to provide public service in general nor, in particular, to dispense justice. Owen From davidh@spidacom.co.uk Mon, 27 Nov 2000 10:23:42 -0000 Date: Mon, 27 Nov 2000 10:23:42 -0000 From: David Hansen davidh@spidacom.co.uk Subject: RIP Tribunal Mummery On 26 Nov 00, at 21:46, Owen Lewis wrote: > >I hope none of them are openly members of any religion, then. > > Their private beliefs are their business and should remain private. That means they are not able to go to church, synagogue, temple or whatever. If they do so then they are publically supporting the religion. David Hansen | davidh@spidacom.co.uk | PGP email preferred Edinburgh | CI$ number 100024,3247 | key number F566DA0E From davidh@spidacom.co.uk Mon, 27 Nov 2000 10:23:44 -0000 Date: Mon, 27 Nov 2000 10:23:44 -0000 From: David Hansen davidh@spidacom.co.uk Subject: RIP Tribunal Mummery On 26 Nov 00, at 23:02, Owen Lewis wrote: > To what extent, would you argue, that for public expression of their > personal proclivities, their emoluments as a public office holder > should be reduced , by virtue of a wilful reduction of their ability > to exercise their office to the full? They should not be reduced by one penny. Indeed there is an argument for increasing these things for those prepared to take an active part in civic life. David Hansen | davidh@spidacom.co.uk | PGP email preferred Edinburgh | CI$ number 100024,3247 | key number F566DA0E From davidh@spidacom.co.uk Mon, 27 Nov 2000 10:23:46 -0000 Date: Mon, 27 Nov 2000 10:23:46 -0000 From: David Hansen davidh@spidacom.co.uk Subject: RIP Tribunal Mummery On 26 Nov 00, at 22:50, Owen Lewis wrote: > As indicated in a previous post, > it is not usual for those whose names and ranks are used by > organisations for marketing and other non-executive functions to be > selected by the organisation for reasons of who they are but rather > for *what* they are. I can only speak with some authority for some voluntary organisations in the transport field. People are invited to these posts because of their interest (expressed over many years) in the subject. They sometimes have given money privately for many years and continue to give money privately while in that position. They are not invited because of who or what they are. Of course a famous name helps in marketing, but this is a bonus rather than a reason for invitation. I suspect Amnesty International works much the same way. > let them substitute BNP for AI and see if they will still > argue the same way. One of the problems of advocating freedom is that one has to argue freedom for causes one finds objectionable, which tend to be the ones picked off first by those who would enslave us. "First they came for the trade unionists and I said nothing because I was not a trade unionist." David Hansen | davidh@spidacom.co.uk | PGP email preferred Edinburgh | CI$ number 100024,3247 | key number F566DA0E From owen.blacker@pres.co.uk Mon, 27 Nov 2000 10:54:53 -0000 Date: Mon, 27 Nov 2000 10:54:53 -0000 From: Owen Blacker owen.blacker@pres.co.uk Subject: RIP Tribunal Mummery -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 As a gay man, I believe the one thing that makes my opinions on rights and freedoms different from those of the BNP (for example) is that I would grant them the right to express their beliefs, however objectionable I find them -- a right (amongst several others) I believe they would like to deny me. QV my previous comments (assuming they're still archived, I am more than happy to restate them for the record) regarding the NUS policy of the mid 1990s known as "No Platform". O x - ----- Owen Blacker Senior Internet Developer and InfoSec Consultant, pres.co I now have new PGP keys -- qv http://www.owens-place.org.uk/pgp.html Sig 0x00036874 | d39f b776 fa20 c125 b0e2 aa6d 555e 4126 0003 6874 > -----Original Message----- > From: Owen Lewis [mailto:oml@eloka.demon.co.uk] > Sent: Sunday, November 26, 2000 10:51 PM > To: ukcrypto@chiark.greenend.org.uk > Subject: Re: RIP Tribunal Mummery > > > [deletia] > > For those who find overt support of a senior law officer for > Amnesty International to be self-evidential moral rectitude and > therefore only praiseworthy, let them substitute BNP for AI and see > if they will still argue the same way. > > [deletia] -----BEGIN PGP SIGNATURE----- Version: PGP 7.0 Comment: Due to RIP, pls check for revocation before using this key! iQA/AwUBOiI9yFVeQSYAA2h0EQIV+gCfRESiY8UdQoEvpjo8lP9627trseIAoJ+a cSoZDx897iBqlx3pRkAdROHM =6ft/ -----END PGP SIGNATURE----- _____________________________________________________________________ This message has been checked for all known viruses by UUNET delivered through the MessageLabs Virus Control Centre. For further information visit http://www.uk.uu.net/products/security/virus/ From k.brown@ccs.bbk.ac.uk Mon, 27 Nov 2000 12:55:16 +0000 Date: Mon, 27 Nov 2000 12:55:16 +0000 From: Ken Brown k.brown@ccs.bbk.ac.uk Subject: Moot!, RIPA type laws and spy-type cryptographers Peter Fairbrother wrote: > Q7--------How come governments are making stupid laws that are so easy to > circumvent? My suspicion is that the entire process is driven by the likes of NSA & GCHQ. They aren't really directly interested in criminals in the traditional sense either - all that stuff about pornography is, from their point of view, at best a good side effect of these laws and more likely a loss-leader. (Though they are getting more into drug-related stuff & possibly into business information). What they want to do is read almost all the civilian traffic, almost all the time. They know they can't get 100% of everything but they would settle for 80% capture of 80% of the traffic. So they want to discourage use of strong cryoptography, slow down it's implementation, make it a complicated or suspicious thing to do. Some of us will circumvent the stuopid laws, most won't. They they don't really mind people like us. They can cope with the occasional clued journalist or lawyer who uses PGP securely & a few cypberpunkly types who stick silly .sigs on the end of their mail (*) They like to do large-scale traffic analysis. A few of us using decent cryptography (& anyway most of us don't much) won't worry them. My suspicion is that there are four reasons for this: 1) habit - they got into reading all the traffic back in WW2 and see no reason to stop. If nothing else it justifies their huge phone bill. 2) The longer, slower & harder the implementation of general cryptography is, the more likely it is to be done badly. And it is astonishingly easy to do badly as we all know. The spooks will delay things as long as they can and hope for some work-around (EM leaks & bugged proprietary software are my guess - though no doubt they have a few teams chasing the quantum dream, just in case) 3) the US constitution. Though the CIA surely do spy on US citizens in the USA it would be embarrassing for them if their citizens ever found out. So they pay GCHQ (and/or the Canadians) to do it for them. In return for dope on US traffic, they clue UK govt (+ Oz & NZ - why the Kiwis stay in the deal is beyond me) in on that part of all the rest of the traffic which they deem to be suitable for the ears of our Lords and Masters. I have an old rant on the subject at http://www.cix.co.uk/~kbrown/rotm/1998jul.htm (a lot of water under the bridge in 2 years) NSA/CIA has an interest in keeping GCHQ+the antipodeans on board, & vice versa, and they all form a kind of club (with the Americans as very much the senior partner). I expect that they spooks consult with each other before they advise the politicians in their home countries (TBH I expect that they consult with the Russians as well, & probably always did - it is at least widely believed that informal CIA/KGB contacts prevented Reagan from destroying the world) 3.5) Politicians in the UK fall for this setup every time. The Tories have at least a large minority of US lapdogs who will never do anything against the Land of the Free and the Home of the Brave. And Labour is always so worried about looking Soft on Crime or Weak on Defence and so desperate to keep the Daily Mail voters on board that they will never rock the spook establishment's boat. Anyway, it makes them feel important and wanted, when they are given all those secret briefings. 4) Maybe most importantly, they keep control of money. It isn't crime, or even terrorism they are worried about, it is free trade. When we are all communicating securely, they can't tell when money changes hands. How do you tax what you can't see? How do you confiscate the drug-dealer's profits, how do you prevent bribery, delivery of ransoms, payment for crime, when anyone in the world can transfer money to anyone in the world without anyone else knowing? Ken (*) You know the sort of thing: "Crack, Jim Bell's, horse, assassination, Janet Reno, politics, dope, will allow the people, Aurora, die, bomb, bomb, Peter, bomb, Airey Neave, multiple-agency, Michael Portillo, place, snort, crackdowns, indecently, assassinate, F3, Colombian, assault, Greenpeace, guardsman, Menwith Hill, attacks, I think we're not in Kansas, House of Commons car-park, Toto, Diego Garcia, Shell"... you used to see it all the time. And they probably never ever took any notice anyway. From oml@eloka.demon.co.uk Mon, 27 Nov 2000 11:21:45 -0000 Date: Mon, 27 Nov 2000 11:21:45 -0000 From: Owen Lewis oml@eloka.demon.co.uk Subject: RIP Tribunal Mummery -----Original Message----- From: David Hansen To: ukcrypto@chiark.greenend.org.uk Date: 27 November 2000 10:38 Subject: Re: RIP Tribunal Mummery >On 26 Nov 00, at 21:46, Owen Lewis wrote: > >> >I hope none of them are openly members of any religion, then. >> >> Their private beliefs are their business and should remain private. > >That means they are not able to go to church, synagogue, temple or >whatever. If they do so then they are publically supporting the >religion. If you say so, my dear chap; if you say so. Enough already :-) Owen From oml@eloka.demon.co.uk Mon, 27 Nov 2000 13:20:37 -0000 Date: Mon, 27 Nov 2000 13:20:37 -0000 From: Owen Lewis oml@eloka.demon.co.uk Subject: RIP Tribunal Mummery -----Original Message----- From: David Hansen To: ukcrypto@chiark.greenend.org.uk Date: 27 November 2000 10:25 Subject: Re: RIP Tribunal Mummery >On 26 Nov 00, at 23:02, Owen Lewis wrote: > >> To what extent, would you argue, that for public expression of their >> personal proclivities, their emoluments as a public office holder >> should be reduced , by virtue of a wilful reduction of their ability >> to exercise their office to the full? > >They should not be reduced by one penny. Indeed there is an >argument for increasing these things for those prepared to take an >active part in civic life. The whole working life of a public servant (of which Judge is but one sub-specie) is an active part in 'civic' life. The point is that such lives, particularly for the more senior, carry particular and sometimes great responsibilities. It diminishes the public services for which they are paid if their personal proclivities get in the way of the exercise of their public office to the full. You realise that the point was humourous but there is a grain of truth behind the humour. I note too that you do not respond to the question as to whether your 'civic minded' judges we in line to have any of their judgments struck out because of a blatant conflict of interest. Owen From oml@eloka.demon.co.uk Mon, 27 Nov 2000 13:16:29 -0000 Date: Mon, 27 Nov 2000 13:16:29 -0000 From: Owen Lewis oml@eloka.demon.co.uk Subject: RIP Tribunal Mummery -----Original Message----- From: David Hansen To: ukcrypto@chiark.greenend.org.uk Date: 27 November 2000 10:26 Subject: Re: RIP Tribunal Mummery >On 26 Nov 00, at 22:50, Owen Lewis wrote: > >> As indicated in a previous post, >> it is not usual for those whose names and ranks are used by >> organisations for marketing and other non-executive functions to be >> selected by the organisation for reasons of who they are but rather >> for *what* they are. > >I can only speak with some authority for some voluntary >organisations in the transport field. People are invited to these posts >because of their interest (expressed over many years) in the >subject. They sometimes have given money privately for many years >and continue to give money privately while in that position. They are >not invited because of who or what they are. Well, its odd then how many of 'the great and the good' (or otherwise well connected) end up on this that or the other letterhead without an executive position in the organisation. I say again, had it been a plain Abe Hoffmann, kosher butcher, housewife or solicitor of East Cheam, do you suppose he would have been as likely to be invited to hold a non-executive post on the board of AI? I do not say that, in general, this practice is to be deprecated. It has its uses. I only say that is unwise to lend the authority of one's public office to any private cause one may espouse. I do think, if you look again, you will find that there are many indeed. >> let them substitute BNP for AI and see if they will still >> argue the same way. > >One of the problems of advocating freedom is that one has to argue >freedom for causes one finds objectionable, which tend to be the >ones picked off first by those who would enslave us. "First they >came for the trade unionists and I said nothing because I was not a >trade unionist." Well I note that, despite the noble sentiment, you stop just short of saying that you would support a judge's right stay as a judge and at the same time be an enthusistic supporter, - sitting in the directorate of - the BNP.and with his name on its paper. However, I'm happy to give to the benefit of the doubt and accept that you (almost) implied that. And in which case, I think that you are wrong on both counts. Both for the same reason neither is a wise action and our judges, if they are to be anything at all, need to be wise men. Owen From DHowe@Hawkswing.demon.co.uk Mon, 27 Nov 2000 14:04:55 -0000 Date: Mon, 27 Nov 2000 14:04:55 -0000 From: David Howe DHowe@Hawkswing.demon.co.uk Subject: RIP Tribunal Mummery > Well I note that, despite the noble sentiment, you stop just short of saying > that you would support a judge's right stay as a judge and at the same time > be an enthusistic supporter, - sitting in the directorate of - the BNP.and > with his name on its paper. Actually, I am all in favour of this - this judge would have those preferences ANYWAY, so should be considered exempt from hearing cases where his BNP support would be an issue. This improves his impartiality, giving everyone he sees before his bench an improved chance of a fair hearing. I can't see how a judge actually predeclaring any biases that might affect his impartiality can ever be a bad thing, provided the system is geared to taking them into account. From oml@eloka.demon.co.uk Mon, 27 Nov 2000 15:11:06 -0000 Date: Mon, 27 Nov 2000 15:11:06 -0000 From: Owen Lewis oml@eloka.demon.co.uk Subject: RIP Tribunal Mummery -----Original Message----- From: Owen Blacker To: 'ukcrypto@chiark.greenend.org.uk' Date: 27 November 2000 10:57 Subject: RE: RIP Tribunal Mummery > >-----BEGIN PGP SIGNED MESSAGE----- >Hash: SHA1 > >As a gay man, I believe the one thing that makes my opinions on >rights and freedoms different from those of the BNP (for example) is >that I would grant them the right to express their beliefs, however >objectionable I find them -- a right (amongst several others) I >believe they would like to deny me. Tsk tsk.. And I had you down for a red blooded, bewellied, sheep sha**er like the rest us boyos. The point is surely not your gentle altruism but the unwisdom of any senior public office holder in lending the weight of his office (*not* his to lend) to *any* cause of his personal choosing. We may all say that we defend to the death (etc) his right to hold whatever views he wishes. What I say is that he must not drag his office (nor give any perception of dragging his office) in pursuit of his private opinions and that is a different point. The greater his office and the harder it becomes for that public office to be effectively dissociated from any public expression of his private proclivities. This is the main reason why: 1. Discretion in a public statement of private views generally increases with seniority in public office. 2. The public perception of senior office holders becomes one of inhumanity because of a lack of what passes for human expression. In fact, such a lack of expression is a sacrifice on behalf of the office holder, often willingly made, in the best interest of the public service. There can also be an inhuman scale to the responsibilities and powers of the office to which they accede. Clearly, this is not all black or white; rather there is a large range of greys. Hence perhaps what is a publicly declared enthusiasm of little consequence, fit for some sympathy, in a younger man becomes a liability *to his conduct of his office* as he attains greater responsibilities and hence wields greater authority. It's no more of an issue than than that. So do your shirt up and stop baring your breast :-) Owen From oml@eloka.demon.co.uk Mon, 27 Nov 2000 19:41:24 -0000 Date: Mon, 27 Nov 2000 19:41:24 -0000 From: Owen Lewis oml@eloka.demon.co.uk Subject: RIP Tribunal Mummery -----Original Message----- From: David Howe To: ukcrypto@chiark.greenend.org.uk Date: 27 November 2000 14:09 Subject: Re: RIP Tribunal Mummery >> be an enthusistic supporter, - sitting in the directorate of - the BNP.and >> with his name on its paper. >Actually, I am all in favour of this - this judge would have those >preferences ANYWAY, so should be considered exempt from hearing cases where >his BNP support would be an issue. I see. You mean the way that Lord H was (not) disqualified nor saw fit to disqualify himself from hearing the P case, causing the Law Lords to overturn themselves for the first time in memory? But you dance around the point - which is that no good can come of nailing great public office to some masthead on a personal whim. It is wrong in principle and harm may result. Are you aware that in all Crown service, judges are (AFAIK) the only holders of office under the Crown who are privileged so to act?. One assumes because they are considered wise enough not to need the constraint of law or custom to prevent them from doing so. For many offices, a willful association of the office with a personal wish of the incumbent would be, a matter that would call for a resignation. About two years ago, an middle-piece Army officer was required to resign because he publicly flaunted his political affiliation. It was not the nature of the affiliation that was the cause of his resignation (those he did try to represent it as such) but rather that he chose to publish noisily his affiliation. ISTR, he did it twice, The first time he was warned. The second time he went. Think then of the contrary example of the Lord Clashferne who, put his duty to pay the respects of his office at the funeral of a Catholic colleague before a maintenance of the narrow strictures of his own Calvinist church, knowing full well what that sensible act of care and duty must cost him in in personal terms. If the day comes where public servants would commonly put their personal causes before a need to be impartial and to be seen to be impartial, we would surely be the poorer served thereby. The greater the office held the truer I believe this to be, because the greater becomes a risk of damage to trust in the public office. However, (and not for the first time) I state a case contrary to the popular view (and very off topic too). I promise now to remain silent on the matter. Owen From DHowe@Hawkswing.demon.co.uk Mon, 27 Nov 2000 19:52:37 -0000 Date: Mon, 27 Nov 2000 19:52:37 -0000 From: David Howe DHowe@Hawkswing.demon.co.uk Subject: RIP Tribunal Mummery "Owen Lewis" wrote: > From: David Howe > >Actually, I am all in favour of this - this judge would have those > >preferences ANYWAY, so should be considered exempt from hearing cases where > >his BNP support would be an issue. > I see. You mean the way that Lord H was (not) disqualified nor saw fit to > disqualify himself from hearing the P case, causing the Law Lords to > overturn themselves for the first time in memory? Yes - because you chose to clip the remainder of my comment, that pointed out that methods would have to be in place to take these declared biases into account when assigning cases. A judge shouldn't have to disqualify himself, that choice should be made for him - by a methodology that picks the most impartial judge for a given case. From davidh@spidacom.co.uk Tue, 28 Nov 2000 09:31:02 -0000 Date: Tue, 28 Nov 2000 09:31:02 -0000 From: David Hansen davidh@spidacom.co.uk Subject: RIP Tribunal Mummery On 27 Nov 00, at 15:11, Owen Lewis wrote: > the unwisdom of any > senior public office holder in lending the weight of his office (*not* > his to lend) to *any* cause of his personal choosing. I don't believe this happens in the organisations which I know most about. Neither do I believe it happened in the Amnesty International case. > Clearly, this is not all black or white; Precisely. David Hansen | davidh@spidacom.co.uk | PGP email preferred Edinburgh | CI$ number 100024,3247 | key number F566DA0E From jon+ukcrypto@unequivocal.co.uk Tue, 28 Nov 2000 12:44:47 +0000 Date: Tue, 28 Nov 2000 12:44:47 +0000 From: Jon Ribbens jon+ukcrypto@unequivocal.co.uk Subject: RIP Tribunal Mummery Owen Lewis wrote: > For those who find overt support of a senior law officer for Amnesty > International to be self-evidential moral rectitude and therefore only > praisworthy, let them substitute BNP for AI and see if they will still argue > the same way. A tiny flaw in your argument there would appear to be that the BNP is not Amnesty. The main difference being that in the case of Amnesty it is arguable that its aims are indistinguishable from the aims of the Judiciary. (Not Judges as people, but the Judiciary itself.) From lists@notatla.demon.co.uk Tue, 28 Nov 2000 21:34:17 GMT Date: Tue, 28 Nov 2000 21:34:17 GMT From: lists@notatla.demon.co.uk lists@notatla.demon.co.uk Subject: TOMORROW: First Quarterly Cryptuk Meeting on 29Nov2000 Wed 29 Nov 2000: Ben Laurie on programming with OpenSSL "The Old English Club" on the first floor of "F.T.'s Free House" in Savage Gardens, EC3. Savage Gardens is between Crutched Friars and Pepys Street and about opposite the Novotel found on your left when leaving Fenchurch St station and your right (round a corner) when leaving Tower Hill tube. It can be seen on http://www.streetmap.co.uk . We have the 1st floor bar area from 7-9pm. I would be interested in suggested topics and speakers for future meetings. From owen.blacker@pres.co.uk Wed, 29 Nov 2000 13:51:24 -0000 Date: Wed, 29 Nov 2000 13:51:24 -0000 From: Owen Blacker owen.blacker@pres.co.uk Subject: Moot!, RIPA type laws and spy-type cryptographers -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > -----Original Message----- > From: Ken Brown [mailto:k.brown@ccs.bbk.ac.uk] > Sent: Monday, November 27, 2000 12:55 PM > To: ukcrypto@chiark.greenend.org.uk > Subject: Re: Moot!, RIPA type laws and spy-type cryptographers > > > [deletia] > > 4) Maybe most importantly, they keep control of money. It isn't > crime, or even terrorism they are worried about, it is free trade. > When we are all communicating securely, they can't tell when money > changes hands. How do you tax what you can't see? How do you > confiscate the drug-dealer's profits, how do you prevent bribery, > delivery of ransoms, payment for crime, when anyone in the world > can transfer money to anyone in the world without anyone else > knowing? qv the Real World back history in /Snow Crash/[1] and, to an extent, /The Diamond Age/[2], both by Neal Stephenson (sic). :o) O x [1] http://www.amazon.co.uk/exec/obidos/ASIN/0140232923 [2] http://www.amazon.co.uk/exec/obidos/ASIN/014027037X - ----- Owen Blacker Senior Internet Developer and InfoSec Consultant, pres.co I now have new PGP keys -- qv http://www.owens-place.org.uk/pgp.html Sig 0x00036874 | d39f b776 fa20 c125 b0e2 aa6d 555e 4126 0003 6874 -----BEGIN PGP SIGNATURE----- Version: PGP 7.0 Comment: Due to RIP, pls check for revocation before using this key! iQA/AwUBOiUKDFVeQSYAA2h0EQJZjgCdGlzvzo5u8vNJNrzT5ujKR3oqKhEAoNoR 4hcJXtI1PNBbfHWY7jwh9S4G =sAA5 -----END PGP SIGNATURE----- _____________________________________________________________________ This message has been checked for all known viruses by UUNET delivered through the MessageLabs Virus Control Centre. For further information visit http://www.uk.uu.net/products/security/virus/ From kate.hodgson@postoffice.co.uk Wed, 29 Nov 2000 17:41:49 +0000 Date: Wed, 29 Nov 2000 17:41:49 +0000 From: Kate Hodgson kate.hodgson@postoffice.co.uk Subject: Call for Papers - ISSE 2001 EEMA and TeleTrusT invite you to participate in the call for papers for ISSE 2001. We would very much appreciate if you could pass this information on to interested parties. We apologise for multiple receipt. -------------------------------------------------------------------------------------------------------------------- Call for Papers ISSE 2001 INFORMATION SECURITY SOLUTIONS EUROPE CONFERENCE QEII Conference Centre, London, UK 26-28 SEPTEMBER 2001 EEMA - The European Forum for Electronic Business TeleTrusT - The Association for the Promotion of Trustworthiness of IT-Systems ISSE is the European institution for the presentation and discussion of technical, organisational, legal and political concepts for information security and data protection. As a user-oriented conference it provides presentations and panel discussions about existing and future information security solutions for large scale corporations, enterprises, especially for SMEs, commerce, financial institutions, public sector, health care, legal practitioners and security professionals. Now in its third year ISSE provides new opportunities for European industry in the market. ISSE focuses on information security for public e-services, e-government and e-business based on cryptography and emerging security technologies. ISSE 2001 is organised by independent organisations under the auspices of the European Commission Directorate General Information Society and supported by the German Federal Ministry of Economics and Technology. ISSE 2001 runs over three days and has a four-track structure. There will be an accompanying exhibition. ------------------------------------------------------------------------------------------------------------------------- TOPICS We are looking for papers and panel discussions covering the following areas: - Technology / Cryptography Technical concepts Cryptography: experiences and trends Technical standards Evaluation criteria Internet security: e-mail security, VPN, web-security, firewalls and protocols Smartcard technology Security in wireless communications Biometrics, Emerging technologies Security of mobile code Tamper resistant and high performance hardware Operating systems security Open source developments (OS and security tools) Global Interoperability Privacy enhancing technologies Copyright protection - Infrastructure Public key infrastructures International solutions Certification authorities: accreditation, evaluation, business cases Liability and insurance Evaluation / licensing of components and methods Infrastructure standards Interoperability studies and trials Infrastructure policies and best practices Key-management concepts Trusted services: notary, time-stamping Cross-certification Attribute certificates - Applications and Case Studies Securing e-business, e-banking, e-government Business sector case studies Risk management concepts Public services (citizen / community / public authorities / health care): practical experiences Enterprise IT-security solutions and requirements Integration aspects of enterprise IT-security Securing document management, workflow systems Archiving of evidence Electronic signature End-to-end security Multimedia security and copyright protection Protection of critical information and infrastructures Digital Ids Public Transport and Ticketing - Legal and political issues (national/European/global) Role of governments (EU, national) Role of international organisations/agreements Electronic Signature and Electronic Commerce regulations Legal conditions and the development of technology Liability Self-regulation, accreditation IT-security market / export restrictions Wassenaar / Dual-Use regulation Applicable law and jurisdiction Data protection regulations Anonymity, pseudonyms, privacy and regulations Identity, Public identity Privacy and national security Information society and human rights E-voting NB: Presentations should as much as possible address the benefits to the user. A special focus is given to practical examples (e.g. already existing applications, pilot projects, case studies). We would be particularly interested in the following subjects: Threats and risks in everyday life, and typical limitations of currently available mass-market implementations Protection against industrial espionage Users risks / insurance What do people want to use? What can they use? User perception and "critical success factors" to the adoption of security technologies The Programme Committee is open to further suggestions. ------------------------------------------------------------------------------------------------------------------------- SUBMISSIONS The submissions should be original research results, survey articles or case studies and position papers. Product placement is unacceptable. Duration of presentation: approximately 30 minutes + 5 minutes for questions. Authors are requested to send in the following information: 1) Abstract of 50-200 words giving an overview if the presentation. 2) Extended abstract (between 1000 ? 2000 words) 3) Professional biography (max. 200 words) and the full contact address (affiliation, postal address, phone, fax and e-mail) of the presenter. 4) Suggested track for the presentation: Technical, Infrastructure, Applications, Legal/Political) 5) Interest level: 1 - for delegates without specific knowledge 2 - for delegates with IT experience 3 - for application developers (interested in IT security) 4 - for IT security specialists Please note: for papers in the legal track this should be amended to 1) for delegates without specific knowledge 2) for delegate with general legal knowledge 3) for law professionals Please note that electronic submission only (PDF format, RTF or Word6/Word97) will be accepted. Please send your abstract to: Ulrike Schulte Programme Manager TeleTrusT Deutschland e.V. Association for the Promotion of Trustworthiness of IT-Systems E-mail: ulrike.schulte@aachen.utimaco.de Tel: +49 241 963 2639 ------------------------------------------------------------------------------------------------------------------------- DEADLINES Please submit your proposals for papers by March 5 Notification of acceptance will be made by May 7 Complete papers including slides and personal biography to be submitted by July 31 ------------------------------------------------------------------------------------------------------------------------- WEB SITE: Regularly updated information about ISSE 2001 will be available at: http://www.eema.org/isse Or from: Director of Events: mailto:Patricia.Doward@eema.org Programme Manager: mailto:ulrike.schulte@aachen.utimaco.de STEERING COMMITTEE: Frank Jorissen (EEMA), Chairman of the Steering Committee Detlef Eckert (CEC DG INFSO) Dave Hobart (EEMA) Norbert Pohlmann (TeleTrusT) Helmut Reimer (TeleTrusT) PROGRAMME COMMITTEE: Denis Baresch, CEC DG INFSO Jan Bartelen, ABN AMRO (The Netherlands) Claude Boulle, Bull (France) Alfred Buellesbach, DaimlerChrysler (Germany) Simon Corell, SmartTrust (Sweden) Marijke De Soete, Europay (Belgium) Paul Dhesi, SSE (Ireland) invited Dave Hobart, EEMA (United Kingdom) Kate Hodgson, Post Office (United Kingdom) Frank Jorissen, Utimaco Safeware (Belgium) Matt Landrock, Cryptomathic (Denmark) Paul Meadowcroft, Baltimore (United Kingdom) Andreas Mitrakas, GlobalSign (Belgium) Bart Preneel, KU Leuven (Belgium) Helmut Reimer, TeleTrusT (Germany) Paolo Rossini, TELSY, Telecom Italia Group (Italy) Ulrich Sandl, BMWI (Germany) Wolfgang Schneider, GMD (Germany) Robert Temple, BT (United Kingdom) Ian Walker, Entrust (United Kingdom) invited CHAIRMAN OF THE PROGRAMME COMMITTEE: Norbert Pohlmann, TeleTrusT (Germany) DIRECTOR OF EVENTS Patricia Doward EEMA - The European Forum for Electronic Business Alexander House, High Street Inkberrow Worcs, WR7 4DT United Kingdom Tel. +44 1386 793-028 Fax +44 1386 793-268 E-mail: mailto:Patricia.Doward@eema.org PROGRAMME MANAGER Ulrike Schulte TeleTrusT - Association for the Promotion of Trustworthiness of IT-systems Dennewartstrasse 27 D-52068 Aachen Germany Tel. +49 241 963-2639 Fax +49 241 963-2943 Mobile: +49 174 900 3432 E-mail: ulrike.schulte@aachen.utimaco.de From peter.fairbrother@ntlworld.com Wed, 29 Nov 2000 20:32:21 +0000 Date: Wed, 29 Nov 2000 20:32:21 +0000 From: Peter Fairbrother peter.fairbrother@ntlworld.com Subject: MOOT! website MOOT! is an open-design, open-source, hopefully free cryptography project begun to defeat RIPAPART3 and make it look silly, and to allow UK citizens to communicate and to store information without worrying about it. It will also defeat Carnivore and the Australian and proposed NZ and Council of Europe laws regarding seizure of stored data, intercepted data, traffic data and access to plaintext/keys of encrypted data. MOOT!'s new website is available through: http://homepage.ntlworld.com/peter.fairbrother sexier URL promised soon. Peter From Richard.Cox@mandarin.org Wed, 29 Nov 2000 22:31 +0000 (GMT Standard Time) Date: Wed, 29 Nov 2000 22:31 +0000 (GMT Standard Time) From: Richard D G Cox Richard.Cox@mandarin.org Subject: Yahoo! offers encrypted e-mail (Apologies if anyone's seen this elsewhere) Yahoo! offers encrypted e-mail The Web portal will let its e-mail users send super-secret messages. But one analyst says it's more security than most users need. By Ben Charny and Richard Shim, ZDNet News November 29, 2000 1:05 PM PT Yahoo! Inc. on Wednesday became the first major portal to offer free, encrypted e-mail services. But at least one analyst says it's a solution for a problem that hardly exists. Yahoo!'s new "Send via SecuritDelivery.com" is the result of a $5.7 million deal the portal signed earlier this year with e-mail security company ZixIt Corp. http://www.zdnet.com/zdnn/stories/news/0,4586,2659090,00.html From Pete.Chown@skygate.co.uk Thu, 30 Nov 2000 11:44:57 +0000 Date: Thu, 30 Nov 2000 11:44:57 +0000 From: Pete Chown Pete.Chown@skygate.co.uk Subject: Yahoo! offers encrypted e-mail (Apologies if anyone's seen this elsewhere) Richard D G Cox wrote: > Yahoo! offers encrypted e-mail According to: http://news.yahoo.com/h/cn/20001129/tc/yahoo_delivers_encrypted_email_1.html > Yahoo's new system works like this: Once a message is composed, it > travels, unencrypted, to Yahoo, which sends it through a secure > connection to SecureDelivery.com. There, the message and any > attachments are scrambled. > > SecureDelivery then sends the recipient the address to a Web page, > secured by Secure Sockets Layer ( SSL) and hosted by > SecureDelivery.com, where the message can be picked up and > descrambled for up to seven days. This could a contender for Bruce Schneier's doghouse section... I guess there are a few threat models where this might provide a degree of protection, for example if the recipient's employer may attempt to read the mail. However in general it sounds pretty useless. -- Pete From peter.fairbrother@ntlworld.com Thu, 30 Nov 2000 23:43:51 +0000 Date: Thu, 30 Nov 2000 23:43:51 +0000 From: Peter Fairbrother peter.fairbrother@ntlworld.com Subject: TOMORROW: First Quarterly Cryptuk Meeting on 29Nov2000 I'm sorry I missed it. Was it good? Anybody sober yet, and able to remember? Peter From lists at notatla.demon.co.uk Wed Nov 1 07:51:52 2000 From: lists at notatla.demon.co.uk (lists@notatla.demon.co.uk) Date: Wed, 1 Nov 2000 07:51:52 GMT Subject: How RIP-proof is SSL? Message-ID: <200011010751.HAA05724@notatla.demon.co.uk> From: Dave Bird > In message <39FEE5F1.869D6936@algroup.co.uk>, Ben Laurie > writes > >Actually, export SSL uses ephemeral RSA keys... > > "Export SSL?" export from where......?? Some of us are just ignorant > political campaigners with a limited knowledge of the practical > use of crtypto, and don't sit on all the working parties. From the US - they've spent many years trying to reduce crypto uptake by limiting the export of software that includes it for easy use. > In message <80256989.0056EA22.00@d06mta07.portsmouth.uk.ibm.com>, > paulfordh@uk.ibm.com writes > >For the completeists - here are all the SSL/TLS ciphersuites I've found > >reference to (there are some new ones in drafts (notably the AES ones) but > >they tend to conflict at the moment.) > > That's nice but still doesn't define TLS.... http://www.ietf.org/rfc/rfc2246.txt 2246 The TLS Protocol Version 1.0. T. Dierks, C. Allen. January 1999. 2487 SMTP Service Extension for Secure SMTP over TLS. P. Hoffman. 2595 Using TLS with IMAP, POP3 and ACAP. C. Newman. June 1999. 2716 PPP EAP TLS Authentication Protocol. B. Aboba, D. Simon. October 2817 Upgrading to TLS Within HTTP/1.1. R. Khare, S. Lawrence. May 2818 HTTP Over TLS. E. Rescorla. May 2000. (Format: TXT=15170 bytes) > They need only advertise a logo that "WARNING, any server in > Britain or other authoritarian countries without this feature > can secretly yield up your credit-card number and all > transactions to the authorities. Use backward-secure SSL!" If you're giving your credit card details to somebody you're giving your credit card details to somebody. Exactly how it reaches them is irrelevant to whether they can later pass it on. > In message <20001031155911.A11024@cdc.informatik.tu-darmstadt.de>, Bodo > Moeller writes > >The typical SSL web*server* today comes with Diffie-Hellman enabled > >(Apache with mod_ssl), but the browsers by Microsoft, Netscape and > >Opera Software unfortunately don't implement the ciphersuites > >involving DH. Lynx-SSL does support DH, but it does not check server > >certificates, so you entirely rely on the DNS for server > >authentication. I'd guess that using SafePassage or a similar SSL > >proxy (which runs on the same machine as the browser and works as a > >"man in the middle" by re-encrypting all data between the client and > >the server) makes it possible to use DH with standard browsers. > > Can it be done as plug-ins, add-ons, or whatever? > or does it really have to be via a LocalHost / LocalProxy ?? > though I suppose such a thing is not impossible to write.... SafePassage has been around for several years (since at least 1996) from Sameer and his C2net organisation (recently bought by Red Hat). Quoting Adam Back on codepunks 18Jan1999: : The other approach is the pipe / TCP/IP socket. If the clients can be : configured to select server host name and port number, you can : integrate crypto using a local proxy. : : A few examples of this are: : : Ian Brown's Enigma http://www.cs.ucl.ac.uk/staff/I.Brown/ : Ben "Quincy" Cabell's ByProxy http://www.besiex.org : C2Net's SafePassage http://www.c2.net > In message <69DB54A9E557D411865000508BA704BAB11752@MAIL2>, Owen Blacker > writes > >As an aside, IIRC, you don't have a 40 bit (or 56 bit) session key > >ever, but you might have (respectively) 88 or 72 bits of the 128 bit > >key provided in the clear in headers. I don't recall whether it's > > Oh, groan; and is there any way round THIS one :-? Of the many ciphersuites just listed here in other posts only some do this deliberate key leaking. Test at ... can't find an URL right now but there are some that tell you whether you got 128-bits. From alan.hassey at btinternet.com Wed Nov 1 08:00:50 2000 From: alan.hassey at btinternet.com (Dr Alan Hassey) Date: Wed, 1 Nov 2000 08:00:50 -0000 Subject: Clifford Cocks interview In-Reply-To: <4.2.0.58.20001031112559.00a274c0@pop.gn.apc.org> Message-ID: <000001c043d9$da777540$d0a2fea9@mycomputer> I think it's repeated Wed or Thurs isn't it??? === Dr Alan Hassey (mailto:alan.hassey@btinternet.com) RCGP Health Informatics Group Joint Computing Group (GPC - RCGP) -----Original Message----- From: ukcrypto-admin@chiark.greenend.org.uk [mailto:ukcrypto-admin@chiark.greenend.org.uk]On Behalf Of Duncan Campbell Sent: 31 October 2000 11:26 To: ukcrypto@chiark.greenend.org.uk Subject: Clifford Cocks interview Did anyone watch Channel 4's Science of Secrecy interview with Cliff Cocks on Sunday? Bad weather stopped me getting back to see it. Was it good, bad or indifferent? Has anyone got a copy that they would be willing to lend or have copied (reply privately to this one please). Duncan Campbell From DHowe at Hawkswing.demon.co.uk Wed Nov 1 09:24:20 2000 From: DHowe at Hawkswing.demon.co.uk (David Howe) Date: Wed, 1 Nov 2000 09:24:20 -0000 Subject: GPL in the UK References: <20001031192627.A1761@localhost.localdomain> Message-ID: <001501c043e5$850a7240$c71121c2@sharpuk.co.uk> "Benjamin Geer" wrote: > On the question of whether the UK government could reassign copyright > for GPLed software in case of bankruptcy, the FSF had this to say: > > The GPL is an irrevocable license. That means that the government > > would not be able to revoke the rights given by the GPL to those who > > already received a copy under the terms of the GPL. They would only > > be allowed to to change the license for new licensees who receive a > > copy from them. I would dispute that - what is an ironclad agreement under US law (and in particular, under the juristiction of the FSF) does not apply worldwide. The Inland Revenue have a past history of pulling some pretty dubious stunts to get their VAT owed, and getting away with it. The US law is much more biassed in Corporate rights Vs Government (and indeed, anyone else's) rights... Out of interest, which is going to come first - the US letting Micky Mouse go out of copyright or the rest of the world ignoring the US extensions? From nbohm at ernest.net Wed Nov 1 10:19:09 2000 From: nbohm at ernest.net (Nicholas Bohm) Date: Wed, 01 Nov 2000 10:19:09 +0000 Subject: RIP questions Message-ID: <3.0.5.32.20001101101909.00b73b10@mail.netkonect.co.uk> At 09:27 PM 10/31/2000 +0000, Ben Clifford wrote: [snip] >If I somehow use somebody's signature key to encrypt information to them, >this then seems to require that they have to give up their key, even if >they intended for it to be used only for signatures? Only if they use their private key to decrypt it. Regards, Nicholas Bohm Salkyns, Great Canfield, Takeley, Bishop's Stortford CM22 6SX, UK Phone 01279 871272 (+44 1279 871272) Fax 01279 870215 (+44 1279 870215) Mobile 07715 419728 (+44 7715 419728) PGP RSA 1024 bit public key ID: 0x08340015. Fingerprint: 9E 15 FB 2A 54 96 24 37 98 A2 E0 D1 34 13 48 07 PGP DSS/DH 1024/3072 public key ID: 0x899DD7FF. Fingerprint: 5248 1320 B42E 84FC 1E8B A9E6 0912 AE66 899D D7FF From Charles Lindsey Wed Nov 1 10:24:50 2000 From: Charles Lindsey (Charles Lindsey) Date: Wed, 1 Nov 2000 10:24:50 +0000 (GMT) Subject: How RIP-proof is SSL? Message-ID: <200011011024.KAA07228@clw.cs.man.ac.uk> On Tue, 31 Oct 2000 20:21:43 +0000 Dave Bird said... > OK why not have a long-term signing key, but change the public > encrypt key every minute or every message. Because it is computat- > ionally intensive to provide that many public keys I suppose. Yes, that's about it. For D-H, the server just has to generate one 128 bit random number. For an RSA key, the server has to generate two 512 bit random numbers AND establish (to a high degree of probability) that they are both prime. So D-H seems to be the way to go. Someone said that servers now mostly support it, so we need to be leaning on the people who supply browsers to do so too. Charles H. Lindsey ---------At Home, doing my own thing------------------------ Email: chl@clw.cs.man.ac.uk Web: http://www.cs.man.ac.uk/~chl Voice/Fax: +44 161 437 4506 Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 From owen.blacker at pres.co.uk Wed Nov 1 13:13:13 2000 From: owen.blacker at pres.co.uk (Owen Blacker) Date: Wed, 1 Nov 2000 13:13:13 -0000 Subject: RIP questions Message-ID: <69DB54A9E557D411865000508BA704BAB1178B@MAIL2> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Equally, at least with DSS/D-H keys in PGP 6.x and higher (and, IIRC, with the "new" RSA format used in PGP 7), you can delete the D-H encryption subkey, so that it cannot be used for encryption, just for signatures. OK, so you could probably hack about with it in order to encrypt using the DSS key if you really wanted to, but that'd plainly be misuse of a key intended only for signatures. See my signature key (0x00036874), for example... :o) O x - ----- Owen Blacker Senior Internet Developer and InfoSec Consultant, pres.co I now have new PGP keys -- qv http://www.owens-place.org.uk/pgp.html Sig 0x00036874 | d39f b776 fa20 c125 b0e2 aa6d 555e 4126 0003 6874 > -----Original Message----- > From: Nicholas Bohm [mailto:nbohm@ernest.net] > Sent: Wednesday, November 01, 2000 10:19 AM > To: ukcrypto@chiark.greenend.org.uk; > ukcrypto@chiark.greenend.org.uk Subject: Re: RIP questions > > > At 09:27 PM 10/31/2000 +0000, Ben Clifford wrote: > > [snip] > > >If I somehow use somebody's signature key to encrypt > information to them, > >this then seems to require that they have to give up their > key, even if > >they intended for it to be used only for signatures? > > Only if they use their private key to decrypt it. > > Regards, > > Nicholas Bohm > > Salkyns, Great Canfield, > Takeley, Bishop's Stortford CM22 6SX, UK > > Phone 01279 871272 (+44 1279 871272) > Fax 01279 870215 (+44 1279 870215) > Mobile 07715 419728 (+44 7715 419728) > > PGP RSA 1024 bit public key ID: 0x08340015. Fingerprint: > 9E 15 FB 2A 54 96 24 37 98 A2 E0 D1 34 13 48 07 > PGP DSS/DH 1024/3072 public key ID: 0x899DD7FF. Fingerprint: > 5248 1320 B42E 84FC 1E8B A9E6 0912 AE66 899D D7FF > > > > > ____________________________________________________________________ > _ This message has been checked for all known viruses by UUNET > delivered > through the MessageLabs Virus Control Centre. For further > information visit > http://www.uk.uu.net/products/security/virus/ > -----BEGIN PGP SIGNATURE----- Version: PGP 7.0 Comment: Due to RIP, pls check for revocation before using this key! iQA/AwUBOgAXCFVeQSYAA2h0EQJ+3wCggtjnuNVz8H9MdgtE7/jq5PaEQbgAoK4N MTHf7uBXbaNgfiKRlFB7HgjZ =a/Vl -----END PGP SIGNATURE----- _____________________________________________________________________ This message has been checked for all known viruses by UUNET delivered through the MessageLabs Virus Control Centre. For further information visit http://www.uk.uu.net/products/security/virus/ From Pete.Chown at skygate.co.uk Wed Nov 1 13:46:01 2000 From: Pete.Chown at skygate.co.uk (Pete Chown) Date: Wed, 1 Nov 2000 13:46:01 +0000 Subject: How RIP-proof is SSL? In-Reply-To: ; from dave@xemu.demon.co.uk on Tue, Oct 31, 2000 at 10:11:35PM +0000 References: <003d01c04329$f022b360$c71121c2@sharpuk.co.uk> <527.972990948@cs.ucl.ac.uk> Message-ID: <20001101134601.E1922@hyena.skygate.co.uk> Dave Bird wrote: > Heaven help us, could you specify what an "ephemeral" DH suite is -- > one which has a long-term and certified public DSS signing key, > but a different DH public encrypt key per minute or per message? The signing can be by DSS or RSA but that is a messy detail. Apart from that what you say is right. > What is the "TLS" working group? Well, SSL changed its name to TLS for its most recent revision. The TLS working group is the IETF body that considers improvements to the protocol. It has a home page at: http://www.ietf.org/html.charters/tls-charter.html but this is fairly uninteresting if you are not following the "nuts and bolts" of the protocol. > Can this stuff be put into share-ware, into browser plug-ins, > into at least software used by the wise?? Sure. OpenSSL supports it for example. A browser plug in would be a bit harder though -- most of the browsers keep the crypto functionality under quite tight control. > "Export SSL?" export from where......?? Some of us are just ignorant > political campaigners with a limited knowledge of the practical > use of crtypto, and don't sit on all the working parties. From the US. The law has been changed now, but there are still some of the old "export" browsers around. More importantly the standards still support the export crippled crypto even if it is less and less used. > Oh, groan; and is there any way round [ the leakage of key bits ] :-? This is just the way the crippled browsers work. The 128-bit key ones really do have a 128-bit key. -- Pete From Q.G.Campbell at newcastle.ac.uk Wed Nov 1 13:26:30 2000 From: Q.G.Campbell at newcastle.ac.uk (Quentin Campbell) Date: Wed, 1 Nov 2000 13:26:30 +0000 (GMT) Subject: How RIP-proof is SSL? In-Reply-To: <200010301042.KAA08794@clw.cs.man.ac.uk> Message-ID: On Mon, 30 Oct 2000, Charles Lindsey wrote: [snip] > Bob has a private RSA key, and exhibits a certificate containing its > public counterpart and signed by Verisign. In the simplest scenarios, > this is both a signature and verification key. He sends a message, > incorporating that certificate, to Alice, signed by this key, inviting > her to generate a session key. > > Alice (who trusts Verisign) verifies that the invitation and the [snip] You need to be able to trust *both* Verisign and the holder of the private (signing) key. It will be interesting to see to what extent trust in these certificates will be undermined by, for example, the recent revocation by Sun Microsystems of two certificates used by Netscape and IE. Their announcemnt was very terse and gave no explantion as to how the secret keys may have been compromised. Quentin -- PHONE: +44 191 222 8209 Computing Service, University of Newcastle FAX: +44 191 222 8765 Newcastle upon Tyne, United Kingdom, NE1 7RU. ------------------------------------------------------------------------- "Any opinions expressed above are mine. The University can get its own." From I.Brown at cs.ucl.ac.uk Wed Nov 1 16:41:15 2000 From: I.Brown at cs.ucl.ac.uk (Ian Brown) Date: Wed, 1 Nov 2000 16:41:15 -0000 Subject: UK Big Brother Awards 2000 Message-ID: Folks -- ukcrypto members are invited to this year's BBAs (some might even win one!) -- please RSVP to Simon if interested. You can also nominate candidates to his e-mail address. Ian :0) -- PRIVACY INTERNATIONAL Takes mischievous pleasure in inviting you to attend the 3rd annual UK BIG BROTHER AWARDS To recognise the villains and heroes of privacy at 7.15 pm, Monday 4th December in the Old Theatre The London School of Economics Houghton Street London WC2A 2AE (Ground floor, Old Building) Reception at 6pm in the Senior Dining Room, 5th floor, Old Building Presented by Channel 4's Mark Thomas Hosted by the LSE Department of Information Systems Awards will be presented for: Worst public servant; Most invasive company; Most Appalling Project; Most Heinous Government Organisation; and Lifetime Menace. RSVP to Simon Davies : s.g.davies@lse.ac.uk Phone 07958 466 552 From peter.fairbrother at ntlworld.com Wed Nov 1 16:00:00 2000 From: peter.fairbrother at ntlworld.com (Peter Fairbrother) Date: Wed, 01 Nov 2000 16:00:00 +0000 Subject: How RIP-proof is SSL? In-Reply-To: Message-ID: A note about Diffie-Hellman : Alice and Bob want to make a key. First, Alice and Bob make some private parts (1). They're shy, so they conceal their private parts (2) and send these concealed parts to each other openly. When they each take their own private part and mix (3) it with the other's concealed private part they make a key. By the magic of Diffie-Hellman (4) both keys are the same! However, instead of cherishing this key they throw both it and their private parts away!(5) Peter (1) a random number - call Alice"s A and Bob's B (2) by taking a small number called g and multiplying g by itself the number they want to hide times, then dividing the result by a big number P and sending the remainder. This is written g^A MOD P. For optimum security g should be a generator for a large prime P - this means that each A in the formula gives a different answer, when A is less than P. g and P are not secret and can be reused - fortunate as it is quite hard to find a suitable combination. The rest of the maths is quite quick to do. (3) Alice does ((g^B) MOD P)^A MOD P , Bob does ((g^A) MOD P)^B MOD P. A is Alice's private part, (g^B) MOD P is the open part Bob sent, B is Bob's private part ,(g^A) MOD P is the open part Alice sent. (4)((g^B) MOD P)^A MOD P = (g^B)^A MOD P = (g^A)^B MOD P = ((g^A) MOD P)^B MOD P. Explaining why would take too long, but (g^B)^A = g^(B^A) = b^(A^B) = (g^A)^B , and the MOD P bit makes the numbers small enough to be useful, as well as making it hard to find a private part from it's open part. (5) Or they ought to if they want the key to be ephemeral. From peter.fairbrother at ntlworld.com Wed Nov 1 16:20:22 2000 From: peter.fairbrother at ntlworld.com (Peter Fairbrother) Date: Wed, 01 Nov 2000 16:20:22 +0000 Subject: Avoiding RIPA In-Reply-To: Message-ID: a) Online one-to-one communication. Fairly easy. Use signed Diffie-Hellman to establish a shared secret key and delete it immediately the session is over. It doesn't matter how the server handles it, the encryption is end-to-end. Unfortunately very few present security programs can do this. b)Offline one-to-one eg email. Tricky. Same as above but the server keeps signed D-H open key parts from the recipients and gives them to the sender on demand. Secure once the keys have been deleted eg the mail has been read. I know of no presently implemented protocols that can do this securely against RIPA. Unfortunately the private parts of the D_H keys must be stored somewhere until the message is read. c) Stored data, including keys. Very tricky. If it is on your computer then it is reasonable to assume you have keys. It's also capable of being used in evidence if plod seizes your computer (decoded interceptions aren't). I personally wouldn't trust deniable techniques where the raw data is open to plod. If it's stored elsewhere then it's harder for plod to know what is stored. You can use message obscurity and deniability to conceal the extent of the contents of an online database. You can use multiple encryption if you don't trust the server. Using ephemeral keys for the communications between user and server is not sufficient to protect against RIPA, whether or not you trust the server. I am fairly sure there are no present programs that can do this securely against RIPA. From Charles Lindsey Wed Nov 1 13:52:14 2000 From: Charles Lindsey (Charles Lindsey) Date: Wed, 1 Nov 2000 13:52:14 +0000 (GMT) Subject: RIP questions Message-ID: <200011011352.NAA08603@clw.cs.man.ac.uk> On Tue, 31 Oct 2000 21:27:58 +0000 (/etc/localtime) Ben Clifford said... > > sorry if these have been asked before: > > How are contributions to costs worked out (eg sec 24, 52) - does it work > the same way as for existing interception warrants? Either way, how does > it work? "As the Secretary of State thinks fit". > > Can I disclose as a key an XOR "one-time pad" generated by my > XORing of the encrypted data and the plaintext? You could always try it on. But if Plod spots that the encrytped data started off with the standard PGP boilerplate, or that the "one-time-pad" started off with a long string of zeroes, then he could likely persuade a Court that you were "knowingly" trying to cheat. > > If I somehow use somebody's signature key to encrypt information to them, > this then seems to require that they have to give up their key, even if > they intended for it to be used only for signatures? Yes, that is one of the known possibilities. But they "wouldn't" prosecute you in that case, would they? Charles H. Lindsey ---------At Home, doing my own thing------------------------ Email: chl@clw.cs.man.ac.uk Web: http://www.cs.man.ac.uk/~chl Voice/Fax: +44 161 437 4506 Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 From peter.fairbrother at ntlworld.com Wed Nov 1 17:17:28 2000 From: peter.fairbrother at ntlworld.com (Peter Fairbrother) Date: Wed, 01 Nov 2000 17:17:28 +0000 Subject: RSA and RIPA In-Reply-To: <20001031170002.Q12993@marge.ftel.co.uk> Message-ID: First of all, there is no advantage in using RSA for anything except signatures in crypto designed for resistance to RIPA. Ephemeral keys are better handled by Diffie-Hellman, although they must of course be signed, perhaps by RSA. Long-term RSA keys are likely to be subject to orders to reveal them. The main advantage of RSA for message-sending, that only the private key holder can read the message, is removed by RIPA's ability to demand keys. Secondly, that very advantage devalues RSA's usefulness as a signature key scheme. The Act allows exemption from orders to reveal any key which: (a) is intended to be used for the purpose only of generating electronic signatures; and =A0 =A0 =20 (b) has not in fact been used for any other purpose. (s.49.9). As RSA public keys can be so easily used to encrypt messages, it is hard to prove that the private key has not ben used to decrypt them. Thi= s applies to all RSA keys, including Certificating Authority keys. In theory (which is not rigorous and which doesn't take into account the difficulty o= f actually using them to encrypt/decrypt messages) it may apply to all public signature key schemes. I tried to point this out when RIP was going through Parliament, but nobody was listening. Anybody know of a signature key scheme that can't be used to encrypt messages and which has no covert channels? That doesn't require the signee to be on-line?=20 Peter From peter.fairbrother at ntlworld.com Wed Nov 1 18:36:29 2000 From: peter.fairbrother at ntlworld.com (Peter Fairbrother) Date: Wed, 01 Nov 2000 18:36:29 +0000 Subject: MOOT - Now Hushmail In-Reply-To: <00de01c04382$4ca07ed0$2201320a@Marduk> Message-ID: on 31/10/00 9:34 pm, Nexus at nexus@patrol.i-way.co.uk wrote: > Hi folks, > I use Hushmail myself for those anonymous occaisons as the SMTP header > gives little away. Hushmail themselves are using (visible) an Apache > Server : > Server: Apache/1.3.12 (Unix) mod_ssl/2.6.6 OpenSSL/0.9.5a > *defers to Ben on this one ;-)* > The session appears to be 128 bit and, indeed, nothing is sent in clear > after the password has been entered, and that is sent as a hash. The http > headers for the initial exchange are : > STARTSESSION > { > ### big hash here ### > } > > HTTP/1.1 200 OK > Content-length: 121 > Connection: close > content-type: application/x-hush-service-responses > hush-publickeysize: 1024 > hush-hashalgorithm: SHA1 > hush-version: 1.2 > hush-publickeycipher: ElGamal > hush-symmetrickeysize: 128 > hush-symmetrickeycipher: Blowfish > > OK > { > ### and another hash ### > } > > Then it switches over to HTTPS. > The hashes above are session based, so an attacker on the local net with a > sniffer could potentially > replicate the session ID's and impersonate the legit user if they remain on > for long enough, but I'll need to test that > when I have the time. > > Cheers, > JJ > > > [snip] >>> On Sat, 28 Oct 2000 09:55:12 -0700 >>> Greg Broiles said... >>> >>>> Have you looked at ? That implements most of > [snip] > > ____________________________________________ > http://1cis.com > Free E-mail Servers with unlimited mailboxes > 1st Class Internet Solutions > > Does hushmail store plaintext on it's server? I'm not clear about this. From david at swarb.freeuk.com Wed Nov 1 17:18:38 2000 From: david at swarb.freeuk.com (David Swarbrick) Date: Wed, 1 Nov 2000 17:18:38 +0000 Subject: RIP questions In-Reply-To: <3.0.5.32.20001101101909.00b73b10@mail.netkonect.co.uk> References: <3.0.5.32.20001101101909.00b73b10@mail.netkonect.co.uk> Message-ID: In message <3.0.5.32.20001101101909.00b73b10@mail.netkonect.co.uk>, Nicholas Bohm writes >At 09:27 PM 10/31/2000 +0000, Ben Clifford wrote: > >[snip] > >>If I somehow use somebody's signature key to encrypt information to them, >>this then seems to require that they have to give up their key, even if >>they intended for it to be used only for signatures? > >Only if they use their private key to decrypt it. > I know that is the accepted interpretation, but I am not convinced. They are two numbers. They are chosen together, and are inextricably linked. There is a separation which takes place, as it were, after birth, but they only ever make sense when use together, and are incomplete unless used potentially in combination. They are in principle and often in practice reversible in use. The choice of one half rather than the other as public or private is arbitrary. They replace one key, but there is nothing in logic or use to say that one key may not be made up of two parts. It may well suit a judge to treat them as one key, and historical and ministerial protestations will not be of great significance. Do the codes of practice fix this in stone? -- David Swarbrick, Solicitor. Computer and Internet Law and Contracts david@swarb.freeuk.com T: +44(0)1484 722531 F: +44(0)1484 716617 Law-index of 11,400+ case summaries at www.swarb.co.uk From nbohm at ernest.net Wed Nov 1 19:13:07 2000 From: nbohm at ernest.net (Nicholas Bohm) Date: Wed, 01 Nov 2000 19:13:07 +0000 Subject: RSA and RIPA In-Reply-To: References: <20001031170002.Q12993@marge.ftel.co.uk> Message-ID: <3.0.5.32.20001101191307.00a0c400@mail.netkonect.co.uk> At 05:17 PM 11/1/2000 +0000, Peter Fairbrother wrote: >First of all, there is no advantage in using RSA for anything except >signatures in crypto designed for resistance to RIPA. Ephemeral keys are >better handled by Diffie-Hellman, although they must of course be signed, >perhaps by RSA. Long-term RSA keys are likely to be subject to orders to >reveal them. The main advantage of RSA for message-sending, that only the >private key holder can read the message, is removed by RIPA's ability to >demand keys. > >Secondly, that very advantage devalues RSA's usefulness as a signature key >scheme. The Act allows exemption from orders to reveal any key which: > >(a) is intended to be used for the purpose only of generating electronic >signatures; and >=A0 >=A0 =20 >(b) has not in fact been used for any other purpose. > >(s.49.9). As RSA public keys can be so easily used to encrypt messages, it >is hard to prove that the private key has not ben used to decrypt them.= This >applies to all RSA keys, including Certificating Authority keys.=20 The burden of proof is in principle the other way: Plod must prove it isn't a signature key. In practice (as Dave Swarbrick long ago pointed out) this is less comfort than is required. The reason is that the person facing the demand for the key has to decide then and there whether to refuse. Especially in a corporate environment, at that point he or she may have no way of being confident that nobody else has ever used the key to decrypt, and that Plod is bluffing (Plod need produce no evidence at this stage). So corporate signature keys are at risk in practice if Plod for some reason thinks they have been used to decrypt. Regards, Nicholas Bohm Salkyns, Great Canfield, Takeley, Bishop's Stortford CM22 6SX, UK Phone 01279 871272 (+44 1279 871272) Fax 01279 870215 (+44 1279 870215) Mobile 07715 419728 (+44 7715 419728) PGP RSA 1024 bit public key ID: 0x08340015. Fingerprint: 9E 15 FB 2A 54 96 24 37 98 A2 E0 D1 34 13 48 07 PGP DSS/DH 1024/3072 public key ID: 0x899DD7FF. Fingerprint: 5248 1320 B42E 84FC 1E8B A9E6 0912 AE66 899D D7FF From peter.fairbrother at ntlworld.com Wed Nov 1 18:26:45 2000 From: peter.fairbrother at ntlworld.com (Peter Fairbrother) Date: Wed, 01 Nov 2000 18:26:45 +0000 Subject: How RIP-proof is SSL?etc. + corrected typo - sorry! Message-ID: A note about Diffie-Hellman : Alice and Bob want to make a key. First, Alice and Bob make some private parts (1). They're shy, so they conceal their private parts (2) and send these concealed parts to each other openly. When they each take their own private part and mix (3) it with the other's concealed private part they make a number. By the magic of Diffie-Hellman (4) both numbers are the same! This is the key. However, instead of cherishing this key they throw both it and their private parts away!(5) Peter (1) a random number - call Alice"s A and Bob's B (2) by taking a small number called g and multiplying g by itself the number they want to hide times, then dividing the result by a big number P and sending the remainder. In Alice's case this is written g^A MOD P. The ^ means that they multiply the number before it by itself the number after it times. The MOD P bit means they divide it by P and throw away the result except for the remainder. For optimum security g should be a generator for a large prime P - this means that each A in the formula gives a different answer, when A is less than P. g and P are not secret and can be reused - fortunate as it is quite hard to find a suitable combination. The rest of the maths is quite quick to do.* (3) Alice does ((g^B) MOD P)^A MOD P , Bob does ((g^A) MOD P)^B MOD P. A is Alice's private part, (g^B) MOD P is the open part Bob sent, B is Bob's private part ,(g^A) MOD P is the open part Alice sent.** (4)((g^B) MOD P)^A MOD P = (g^B)^A MOD P = (g^A)^B MOD P = ((g^A) MOD P)^B MOD P. Explaining why would take too long, but (g^B)^A = g^(B^A) = g^(A^B) = (g^A)^B , and the MOD P bit makes the numbers small enough to be useful***, as well as making it hard to find a private part from it's open part. (5) Or they ought to if they want the key to be ephemeral. *on average n multiplications and n reductions MOD P where n is the number of bits in the key. Max 2n of each. **the same as * *** there isn't enough storage in the universe to store g^(B^A) as a binary number if A and B are 128-bit numbers. From DHowe at Hawkswing.demon.co.uk Wed Nov 1 20:22:31 2000 From: DHowe at Hawkswing.demon.co.uk (Dave Howe) Date: Wed, 1 Nov 2000 20:22:31 -0000 Subject: RSA and RIPA References: <20001031170002.Q12993@marge.ftel.co.uk> <3.0.5.32.20001101191307.00a0c400@mail.netkonect.co.uk> Message-ID: <00e501c04441$7ba137a0$01c8a8c0@default> Nicholas Bohm wrote: >(a) is intended to be used for the purpose only of generating electronic >signatures; and >(b) has not in fact been used for any other purpose. I could be missing something obvious here, but surely all that is required to remove the protection of (b) is for Plod to HIMSELF generate a message encrypted with that key? Is there something that prevents this? From ben at algroup.co.uk Wed Nov 1 20:34:51 2000 From: ben at algroup.co.uk (Ben Laurie) Date: Wed, 01 Nov 2000 20:34:51 +0000 Subject: RSA and RIPA References: Message-ID: <3A007E6B.C775CAA6@algroup.co.uk> Peter Fairbrother wrote: > Anybody know of a signature key scheme that can't be used to encrypt > messages and which has no covert channels? That doesn't require the signee > to be on-line? Signatures can _always_ be used for encryption, via chaffing and winnowing. Cheers, Ben. -- http://www.apache-ssl.org/ben.html "There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." Robert Woodruff From peter.fairbrother at ntlworld.com Wed Nov 1 20:42:24 2000 From: peter.fairbrother at ntlworld.com (Peter Fairbrother) Date: Wed, 01 Nov 2000 20:42:24 +0000 Subject: RSA and RIPA In-Reply-To: <00e501c04441$7ba137a0$01c8a8c0@default> Message-ID: on 1/11/00 8:22 pm, Dave Howe at DHowe@Hawkswing.demon.co.uk wrote: > Nicholas Bohm wrote: >> (a) is intended to be used for the purpose only of generating electronic >> signatures; and >> (b) has not in fact been used for any other purpose. > I could be missing something obvious here, but surely all that is required > to remove the protection of (b) is for Plod to HIMSELF generate a message > encrypted with that key? Is there something that prevents this? Not really, but perhaps the Courts might differentiate between the public and the private RSA keys. Peter From peter.fairbrother at ntlworld.com Wed Nov 1 20:45:31 2000 From: peter.fairbrother at ntlworld.com (Peter Fairbrother) Date: Wed, 01 Nov 2000 20:45:31 +0000 Subject: RSA and RIPA In-Reply-To: <3A007E6B.C775CAA6@algroup.co.uk> Message-ID: on 1/11/00 8:34 pm, Ben Laurie at ben@algroup.co.uk wrote: > Peter Fairbrother wrote: >> Anybody know of a signature key scheme that can't be used to encrypt >> messages and which has no covert channels? That doesn't require the signee >> to be on-line? > > Signatures can _always_ be used for encryption, via chaffing and > winnowing. > > Cheers, > > Ben. I don't know where that that's been rigorously mathematically proven, and as the test is whether it has been used for other purposes the difficulty in using it for those purposes is relevant. Peter From peter.fairbrother at ntlworld.com Wed Nov 1 21:27:45 2000 From: peter.fairbrother at ntlworld.com (Peter Fairbrother) Date: Wed, 01 Nov 2000 21:27:45 +0000 Subject: RIP questions In-Reply-To: <200011011352.NAA08603@clw.cs.man.ac.uk> Message-ID: on 1/11/00 1:52 pm, Charles Lindsey at chl@clw.cs.man.ac.uk wrote: > On Tue, 31 Oct 2000 21:27:58 +0000 (/etc/localtime) > Ben Clifford said... [snip] >> Can I disclose as a key an XOR "one-time pad" generated by my >> XORing of the encrypted data and the plaintext? > > You could always try it on. But if Plod spots that the encrytped > data started off with the standard PGP boilerplate, or that the > "one-time-pad" started off with a long string of zeroes, then he could > likely persuade a Court that you were "knowingly" trying to cheat. I'm not absolutely sure that this isn't a loophole in RIPA. Will investigate and answer. See s.50.2.a, s.50.3.c and 50.5 but see s.50.7 as well. Any lawyers. please help! Peter. From peter.fairbrother at ntlworld.com Wed Nov 1 21:29:25 2000 From: peter.fairbrother at ntlworld.com (Peter Fairbrother) Date: Wed, 01 Nov 2000 21:29:25 +0000 Subject: RIP questions In-Reply-To: Message-ID: on 1/11/00 5:18 pm, David Swarbrick at david@swarb.freeuk.com wrote: > In message <3.0.5.32.20001101101909.00b73b10@mail.netkonect.co.uk>, > Nicholas Bohm writes >> At 09:27 PM 10/31/2000 +0000, Ben Clifford wrote: >> >> [snip] >> >>> If I somehow use somebody's signature key to encrypt information to them, >>> this then seems to require that they have to give up their key, even if >>> they intended for it to be used only for signatures? >> >> Only if they use their private key to decrypt it. >> > > I know that is the accepted interpretation, but I am not convinced. They > are two numbers. They are chosen together, and are inextricably linked. > There is a separation which takes place, as it were, after birth, but > they only ever make sense when use together, and are incomplete unless > used potentially in combination. They are in principle and often in > practice reversible in use. The choice of one half rather than the > other as public or private is arbitrary. They replace one key, but there > is nothing in logic or use to say that one key may not be made up of two > parts. > > It may well suit a judge to treat them as one key, and historical and > ministerial protestations will not be of great significance. Do the > codes of practice fix this in stone? There ain't no codes of practice. Peter From Ben Clifford Wed Nov 1 23:30:14 2000 From: Ben Clifford (Ben Clifford) Date: Wed, 1 Nov 2000 23:30:14 +0000 (/etc/localtime) Subject: RIP questions In-Reply-To: <69DB54A9E557D411865000508BA704BAB1178B@MAIL2> Message-ID: On Wed, 1 Nov 2000, Owen Blacker wrote: > OK, so you could probably hack about with it in order to > encrypt using the DSS key if you really wanted to, but that'd plainly > be misuse of a key intended only for signatures. But that was my point. Is "misuse" is still "use"? My (non-lawyer) understanding of the act is that, as well as intending for your key to not be used for encyption, it must not actually have been used for encryption [49.9]. So if I encrypt something with your key, no matter how hard you intended me not to be able to, [49.9] doesn't apply. -- http://www.hawaga.org.uk/c0deZ/globeApplet/ for my rotating world map applet http://www.hawaga.org.uk/benc_key.txt GPG key 0x30F06950 - please use it! http://www.hawaga.org.uk/ben/ my homepage From benc at hawaga.org.uk Wed Nov 1 23:37:46 2000 From: benc at hawaga.org.uk (Ben Clifford) Date: Wed, 1 Nov 2000 23:37:46 +0000 (/etc/localtime) Subject: RIP questions In-Reply-To: <200011011352.NAA08603@clw.cs.man.ac.uk> Message-ID: On Wed, 1 Nov 2000, Charles Lindsey wrote: > > How are contributions to costs worked out (eg sec 24, 52) - does it work > > the same way as for existing interception warrants? Either way, how does > > it work? > "As the Secretary of State thinks fit". I see that bit. But does there exist any precedent for this? > > Can I disclose as a key an XOR "one-time pad" generated by my > > XORing of the encrypted data and the plaintext? > > You could always try it on. But if Plod spots that the encrytped > data started off with the standard PGP boilerplate, or that the > "one-time-pad" started off with a long string of zeroes, then he could > likely persuade a Court that you were "knowingly" trying to cheat. How is that cheating? An XOR data is "other data", if not the other things, that facilitates the putting of the data into intelligible form, and, if I am in possession of this XOR at the time of receiving the order, I am allowed to pick which of my keys I give to Plod? I, as the person given notice, am specifically allowed to "which of the keys" [in my possession] "to disclose for the purpose of complying". > > If I somehow use somebody's signature key to encrypt information to them, > > this then seems to require that they have to give up their key, even if > > they intended for it to be used only for signatures? > > Yes, that is one of the known possibilities. But they "wouldn't" > prosecute you in that case, would they? What could they prosecute me for anyway? I wouldn't be breaking any law using someones signature key for encrypting, would I? Or could I be done for some form of harrasment (if such laws exist - I don't know, I just live here) -- http://www.hawaga.org.uk/c0deZ/globeApplet/ for my rotating world map applet http://www.hawaga.org.uk/benc_key.txt GPG key 0x30F06950 - please use it! http://www.hawaga.org.uk/ben/ my homepage From dave at xemu.demon.co.uk Wed Nov 1 21:47:03 2000 From: dave at xemu.demon.co.uk (Dave Bird) Date: Wed, 1 Nov 2000 21:47:03 +0000 Subject: How RIP-proof is SSL? In-Reply-To: References: Message-ID: -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 In message , Ralf Senderek writes >So plod could easily wait until he intercepts one of Alice's communications >and request the session-keys from Syd. Automatically forgetting session-keys >would then be two years worth of jail for Syd. And session-key-backup would >be a key-feature to be build into every implementation being legally used >by Syd. I'd love to hear that I'm wrong. On the second point, when you say "legally used".... if he points out that he can't do some capability, then if it is at all feasible for him to get the capability then they serve an order that he must get it and they will pay part of the cost. Richard or Clive might know whether Plod can order you to "save all keys relating to session with whoever for a given period." Of course this is a case for using a server in a free country, or (better) "onion routing" through changing selections of servers in different countries so Plod can't get to them all. Additionally, if every user takes responsibility for providing his own transient channel keys, then they can only get to use user's comm by attacking each of them one by one. Which becomes infeasible when there are millions. |~/ |~/ ~~|;'^';-._.-;'^';-._.-;'^';-._.-;'^';-._.-;||';-._.-;'^';||_.-;'^'0-|~~ P | Woof Woof, Glug Glug ||____________|| 0 | P O | Who Drowned the Judge's Dog? | . . . . . . . '----. 0 | O O | answers on *---|_______________ @__o0 | O L |_____________|/_______| L www.xemu.demon.co.uk 2B0D 5195 337B A3E6 DDAC BD38 7F2F FD8E 7391 F44F -----BEGIN PGP SIGNATURE----- Version: PGPsdk version 1.7.1 iQA/AwUBOgCPVn8v/Y5zkfRPEQK6WQCfYtHr6ZUeM0mu7VaICNnVsTvQtFUAoJZ8 C48S3Zxkf5OaLHVd/YjCWL+m =/6pX -----END PGP SIGNATURE----- From lawya at lucs-01.novell.leeds.ac.uk Thu Nov 2 00:46:41 2000 From: lawya at lucs-01.novell.leeds.ac.uk (Yaman Akdeniz) Date: Thu, 2 Nov 2000 00:46:41 -0000 Subject: Cyber-Rights.Net Forms Alliance with Hush Communications Message-ID: <3A00B971.21505.4914B0@localhost> Cyber-Rights.Net Forms Alliance with Hush Communications to offer HushMail Private Label to Internet users, http://www.cyber-rights.net Leeds, UK & Dublin, Ireland-(November, 01, 2000) Cyber-Rights & Cyber -Liberties (UK) have partnered with Hush Communications to campaign against the Regulation of Investigatory Powers Act (RIP) 2000, which passed into law in October this year. The Regulation of Investigatory Powers (RIP) Act outlines the extended reach of the UK government?s law enforcement and security agencies in regards to the monitoring and interception of communications across the Internet, and government access to encryption keys. Similar proposals are currently being discussed by the Council of Europe which would give law enforcement agencies extended powers and capabilities for Internet monitoring in more than 40 countries. In an effort to raise public awareness of these important policy issues and to encourage Internet users to use secure communications, Cyber-Rights & Cyber-Liberties (UK) are launching the Cyber- Rights.Net project. The project offers Internet users HushMail Private Label, an encrypted email solution, that employs Hush?s patent-pending Hush Encryption Engine. With HushMail Private Label, Cyber-Rights.Net will be able to offer its visitors and users end-to- end secure email through, http://www.cyber-rights.net. HushMail Private Label fully integrates Hush?s roaming key pair management technology into the Cyber-Rights.Net system enabling its users to send and receive secure mail from any location with access to the Internet throughout the world. Mr. Yaman Akdeniz, Director, Cyber-Rights & Cyber-Liberties (UK) stated: "Both the Website and project promote privacy of communications and hope to raise awareness for security on the Internet. In the absence of clearly defined conditions and safeguards protecting the privacy of communications in homes and in working environments, it is time for the individual to take action and protect their communications. Cyber-Rights.Net will be an additional tool for concerned Internet users when securing their communications." Cyber-Rights & Cyber-Liberties (UK) is dedicated to the promotion of secure and private communications over the Internet and has been influential in the national and international policy making process. Jon Matonis, CEO of Hush Communications said, "We are excited to be a part of the Cyber-Rights & Cyber-Liberties project. HushMail Private Label will offer Cyber-Rights.Net users the most secure and user- friendly email solution available on the market today. From everyday Internet users to legal and medical professionals, Hush protects online communications." From its inception, Hush Communications has been dedicated to the privacy rights. The company?s core technology was specifically developed to protect the communications and transactions of anyone with access to the Internet. While Hush offers a variety of products and services for sale, its flagship product, HushMail.Com (www.hushmail.com), provides fully encrypted, Web-based email, free of charge, to the general public. Hush posts its source code for review and download at www.hush.ai. About Cyber-Rights & Cyber-Liberties (UK) Cyber-Rights & Cyber-Liberties (UK) (http://www.cyber-rights.org), is a non-profit organisation established to protect the interests of all honest, law abiding Internet users with the aim of promoting free speech and privacy on the Internet. It was founded in 1997 and has been actively involved with the Internet policy-making process of the UK government, the European Union, Council of Europe, OECD, and the United Nations. About Hush Communications Corporation Hush is the premier provider of encryption products and services in the secure communications industry. The company?s SDK, Software Developer Kit, allows other Web-based infrastructure companies and application providers to design product and service offerings that utilise the Hush Key Server Network. Hush has strategic alliances with Netsmart (www.netsmart.com), NetNation Communications (www.netnation.com) and Security Portal (www.securityportal.com), and its investors include OffRoad Capital Corporation (www.offroadcapital.com). Hush Communications is the leading market share for encryption key management services and has users in every country in the world. Hush Communications Corporation is a U.S. company with subsidiary companies located in Dublin, Ireland; Salt Lake City, Utah; and Austin, Texas and is the provider of HushMail.Com, HushMail Private Label, and HushPOP with worldwide headquarters based in Dublin, Ireland. Contact Details Cyber-Rights & Cyber-Liberties (UK) Mr. Yaman Akdeniz, Director, Cyber-Rights & Cyber-Liberties (UK) Url: http://www.cyber-rights.org E-mail: lawya@cyber-rights.org Tel: +44 (0)7798 865116 Dr. Louise Ellison, Deputy Director, Cyber-Rights & Cyber-Liberties (UK) Tel: +44 (0) 118 9875123 (ext. 7507) E-mail: lawlee@cyber-rights.org Hush Communications Genevieve Van Cleve Ciara Hudson 22 Upper Pembroke St. Dublin 2, Ireland Phone: +353-1-241-0367 Fax: +353-1-241-0370 genvc@hushmail.com ciara@hushmail.com From Brian Gladman" <3.0.5.32.20001101191307.00a0c400@mail.netkonect.co.uk> <00e501c04441$7ba137a0$01c8a8c0@default> Message-ID: <001401c04442$dc7a3260$4e269fd4@fortytwo> From: "Dave Howe" To: Sent: Wednesday, November 01, 2000 8:22 PM Subject: Re: RSA and RIPA > Nicholas Bohm wrote: > >(a) is intended to be used for the purpose only of generating electronic > >signatures; and > >(b) has not in fact been used for any other purpose. > I could be missing something obvious here, but surely all that is required > to remove the protection of (b) is for Plod to HIMSELF generate a message > encrypted with that key? Is there something that prevents this? The issue is that of the private part of the key being used for decryption - even if the public part has been used for encryption, the theory is that the private helf is safe provided that it is never used to decrypt anything. Many (including me) don't find this of much comfort though. Brian From donald at ramsbottom.co.uk Thu Nov 2 06:18:52 2000 From: donald at ramsbottom.co.uk (Donald Ramsbottom) Date: Thu, 02 Nov 2000 06:18:52 +0000 Subject: Wylde OSA case falls apart Message-ID: <1.5.4.32.20001102061852.00fee4cc@192.168.0.65> The case against Wylde has been dropped. The detail can be found at: http://www.the-times.co.uk/article/0,,28966,00.html It looks as though Duncan Campbell's analysis of the material was crucial, well done. Donald Ramsbottom LL.B, BA (Hons). RAMSBOTTOM & Co. Solicitors Internet Law & Global Cryptology Law Specialists 5 Seagrove Avenue, Hayling Island, Hants, PO11 9EU, England. Tel (44) (023) 9246 5931 Fax (44) (023)9246 8349 Ramsbottom & Co is regulated by the Law Society in the conduct of investment business Service by Fax or E-Mail NOT Accepted From donald at ramsbottom.co.uk Thu Nov 2 06:35:58 2000 From: donald at ramsbottom.co.uk (Donald Ramsbottom) Date: Thu, 02 Nov 2000 06:35:58 +0000 Subject: HO IT fails again Message-ID: <1.5.4.32.20001102063558.00ffb7dc@192.168.0.65> Another HO boob at: http://www.thetimes.co.uk/article/0,,28974,00.html How difficult can it be to make a data base work when you have thrown =A3100= m at it? Donald Ramsbottom LL.B, BA (Hons). RAMSBOTTOM & Co. Solicitors Internet Law & Global Cryptology Law Specialists 5 Seagrove Avenue, Hayling Island, Hants, PO11 9EU, England. Tel (44) (023) 9246 5931 Fax (44) (023)9246 8349 Ramsbottom & Co is regulated by the Law Society in the conduct of investment business Service by Fax or E-Mail NOT Accepted From peter.fairbrother at ntlworld.com Thu Nov 2 08:45:26 2000 From: peter.fairbrother at ntlworld.com (Peter Fairbrother) Date: Thu, 02 Nov 2000 08:45:26 +0000 Subject: Hushmail In-Reply-To: <3A00B971.21505.4914B0@localhost> Message-ID: Finally had the time to look at hushmail. It's basically RSA except the private keys are "encrypted with blowfish and a passphrase" (how? why?) and stored encrypted on their server. The ony advantage I can see is that you don't have to remember your private key. No forward secrecy. No protection against RIPA at all. Waste of time. -- Peter Fairbrother peter.fairbrother@ntlworld.com From steve at greenend.org.uk Thu Nov 2 11:16:20 2000 From: steve at greenend.org.uk (Stephen Early) Date: Thu, 2 Nov 2000 11:16:20 +0000 (GMT) Subject: HO IT fails again In-Reply-To: <1.5.4.32.20001102063558.00ffb7dc@192.168.0.65> References: <1.5.4.32.20001102063558.00ffb7dc@192.168.0.65> Message-ID: <14849.19716.501787.246884@myrddin.sinister.greenend.org.uk> On Thursday, 2 Nov 2000, Donald Ramsbottom wrote: > How difficult can it be to make a data base work when you have > thrown =A3100m at it? The problem may be precisely that it has had money thrown at it - providing additional resources to large projects, particularly computer-related ones, is counterproductive. In a world where politics demands that "this project will not fail", and at the first hint of failure top-level management try to "fix it" by throwing money, this ensures regular expensive failures... Steve Early From Charles Lindsey Thu Nov 2 09:46:44 2000 From: Charles Lindsey (Charles Lindsey) Date: Thu, 2 Nov 2000 09:46:44 +0000 (GMT) Subject: RIP questions Message-ID: <200011020946.JAA18085@clw.cs.man.ac.uk> On Wed, 1 Nov 2000 23:37:46 +0000 (/etc/localtime) Ben Clifford said... > > On Wed, 1 Nov 2000, Charles Lindsey wrote: > > > > If I somehow use somebody's signature key to encrypt information to them, > > > this then seems to require that they have to give up their key, even if > > > they intended for it to be used only for signatures? > > > > Yes, that is one of the known possibilities. But they "wouldn't" > > prosecute you in that case, would they? > > What could they prosecute me for anyway? I wouldn't be breaking any law > using someones signature key for encrypting, would I? Or could I be done > for some form of harrasment (if such laws exist - I don't know, I just > live here) What I meant was that they "wouldn't" prosecute the person unwittingly receiving the communication, because they are all nice decent chaps, and it wouldn't be cricket, would it? That must be correct, because that is what the nice Minister said in Committee. Charles H. Lindsey ---------At Home, doing my own thing------------------------ Email: chl@clw.cs.man.ac.uk Web: http://www.cs.man.ac.uk/~chl Voice/Fax: +44 161 437 4506 Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 From Charles Lindsey Thu Nov 2 09:49:43 2000 From: Charles Lindsey (Charles Lindsey) Date: Thu, 2 Nov 2000 09:49:43 +0000 (GMT) Subject: How RIP-proof is SSL? Message-ID: <200011020949.JAA18095@clw.cs.man.ac.uk> On Wed, 1 Nov 2000 21:47:03 +0000 Dave Bird said... > On the second point, when you say "legally used".... if he points > out that he can't do some capability, then if it is at all feasible > for him to get the capability then they serve an order that he > must get it and they will pay part of the cost. There is nothing in the Act authorising them to serve that kind of order. > > Richard or Clive might know whether Plod can order you to "save > all keys relating to session with whoever for a given period." Nor that. There is provision for requiring ISPs to install a capability for interception, but not for decryption. Charles H. Lindsey ---------At Home, doing my own thing------------------------ Email: chl@clw.cs.man.ac.uk Web: http://www.cs.man.ac.uk/~chl Voice/Fax: +44 161 437 4506 Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 From Pete.Chown at skygate.co.uk Thu Nov 2 14:00:51 2000 From: Pete.Chown at skygate.co.uk (Pete Chown) Date: Thu, 2 Nov 2000 14:00:51 +0000 Subject: RIP questions In-Reply-To: ; from david@swarb.freeuk.com on Wed, Nov 01, 2000 at 05:18:38PM +0000 References: <3.0.5.32.20001101101909.00b73b10@mail.netkonect.co.uk> Message-ID: <20001102140051.H3483@hyena.skygate.co.uk> David Swarbrick wrote: > [Public and private keys] are in principle and often in > practice reversible in use. The choice of one half rather than the > other as public or private is arbitrary. Actually this is only true of RSA (out of the schemes in common use, anyway). With the ElGamal type schemes (DSA, Diffie-Hellman, and ElGamal itself) there is no symmetry between the keys in this way. Also for efficiency reasons RSA often uses a small number (3 for example) as the public key. Obviously in this case you can't reverse the keys because it would be rather easy to guess the private one! (It would still work mathematically though.) -- Pete From Charles Lindsey Thu Nov 2 15:03:28 2000 From: Charles Lindsey (Charles Lindsey) Date: Thu, 2 Nov 2000 15:03:28 +0000 (GMT) Subject: RIP questions Message-ID: <200011021503.PAA04396@clw.cs.man.ac.uk> On Thu, 2 Nov 2000 14:00:51 +0000 Pete Chown said... > > David Swarbrick wrote: > > > [Public and private keys] are in principle and often in > > practice reversible in use. The choice of one half rather than the > > other as public or private is arbitrary. > > Actually this is only true of RSA (out of the schemes in common use, > anyway). With the ElGamal type schemes (DSA, Diffie-Hellman, and > ElGamal itself) there is no symmetry between the keys in this way. > > Also for efficiency reasons RSA often uses a small number (3 for > example) as the public key. Obviously in this case you can't reverse > the keys because it would be rather easy to guess the private one! > (It would still work mathematically though.) > Eh? Surely the important part of the public key is the product of the two primes, which is supposed to be arbitrarily hard to factor. OTOH, the private key usually comprises the two primes themselves, so if you have the private key, you can easily derive the public one. So they are not symetrical in that respect. Charles H. Lindsey ---------At Home, doing my own thing------------------------ Email: chl@clw.cs.man.ac.uk Web: http://www.cs.man.ac.uk/~chl Voice/Fax: +44 161 437 4506 Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5 From pleyland at microsoft.com Thu Nov 2 15:26:27 2000 From: pleyland at microsoft.com (Paul Leyland) Date: Thu, 2 Nov 2000 07:26:27 -0800 Subject: RIP questions Message-ID: > > Also for efficiency reasons RSA often uses a small number (3 for > > example) as the public key. Obviously in this case you can't reverse > > the keys because it would be rather easy to guess the private one! > > (It would still work mathematically though.) > Eh? Surely the important part of the public key is the product of the > two primes, which is supposed to be arbitrarily hard to factor. No Sir, your monkey has it right Sir. (No prizes for saying where that comes from.) > OTOH, the private key usually comprises the two primes > themselves, so if you have the private key, you can easily > derive the public one. So they are not symetrical in that respect. Keeping the two primes around can lead to an important efficiency hack, but is not needed. The private exponent is the only portion that *needs* to be kept private. The public exponent and public modulus are the only portions that can be public; everything else, including the factors of the modulus (or, equivalently it's totient function) can be discarded. Unless you're interested in the efficiency gains it's probably best to discard the primes on the (possibly dubious) grounds that the smaller number of secrets you have the safer you are. And, indeed, if the private exponent is guessable the RSA scheme in question is not secure. Paul From donald at ramsbottom.co.uk Thu Nov 2 17:12:01 2000 From: donald at ramsbottom.co.uk (Donald Ramsbottom) Date: Thu, 02 Nov 2000 17:12:01 +0000 Subject: H.R. 2413 Message-ID: <1.5.4.32.20001102171201.00ffaccc@192.168.0.65> Below is a snippet about the Computer Security Enhancement Act. Shades of RIP accross the Pond. The extract is from E-Commerce weekly. House Passes Computer Security Enhancement Act of 2000 On October 24th, the House passed by voice vote the Computer Security Enhancement Act of 2000 (H.R. 2413). H.R. 2413 would require the National Institute of Standards and Technology (NIST) to establish voluntary standards to promote the interoperability of private industry Public Key Infrastructures (PKIs) with their federal government counterparts, and to provide guidance to federal agencies for protecting the security and privacy of sensitive information in federal computer systems. While these basic mandates are relatively innocuous, the bill would also require the development of standards for the federal government's use of electronic authentication technologies generally, as well as separate specifications for the federal government's use of PKI technologies. Finally, H.R. 2413 would require the establishment of a National Policy Panel for Digital Signatures to develop standards to ensure the accuracy, reliability and security of certification authority (CA) operations; guidelines to ensure consistency among jurisdictions that license CAs; and CA audit procedures. These standards would apply to all PKI activities, including those in the private sector. Donald Ramsbottom LL.B, BA (Hons). RAMSBOTTOM & Co. Solicitors Internet Law & Global Cryptology Law Specialists 5 Seagrove Avenue, Hayling Island, Hants, PO11 9EU, England. Tel (44) (023) 9246 5931 Fax (44) (023)9246 8349 Ramsbottom & Co is regulated by the Law Society in the conduct of investment business Service by Fax or E-Mail NOT Accepted From peter.fairbrother at ntlworld.com Thu Nov 2 17:31:14 2000 From: peter.fairbrother at ntlworld.com (Peter Fairbrother) Date: Thu, 02 Nov 2000 17:31:14 +0000 Subject: Hushmail In-Reply-To: Message-ID: on 2/11/00 8:45 am, Peter Fairbrother at peter.fairbrother@ntlworld.com wrote: > Finally had the time to look at hushmail. It's basically RSA except the > private keys are "encrypted with blowfish and a passphrase" (how? why?) and > stored encrypted on their server. The ony advantage I can see is that you > don't have to remember your private key. > > No forward secrecy. > > No protection against RIPA at all. > > Waste of time. At least that's from what their blurb says. After looking at the source code it might not be so bad. To start up the client sends a random-ish start session key to the server encrypted with the server's public key. Then the server sends a new session key encrypted with the start session key. "this prevents against complete session replay attacks"(?) This could provide some forward secrecy if the server changes it's public key often enough. No info on this at present, but reading between the lines it looks like they don't. Then there's the ssl in the https, but we don't trust that, do we? Especially when we don't know what protocol it's using. Hushmail use ElGamal not RSA. And there was me believing the blurb! Jack the RIPA From oml at eloka.demon.co.uk Thu Nov 2 19:06:23 2000 From: oml at eloka.demon.co.uk (Owen Lewis) Date: Thu, 2 Nov 2000 19:06:23 -0000 Subject: BBFC? VCHIP-UK? References: <200010261331.OAA23610@coyote.uk.sun.com> <004f01c03f60$e1bf6100$3e0a989e@eloka> <4a139b7f08roger.hird@argonet.co.uk> <008401c03ff9$e1bc6240$3e0a989e@eloka> <4a1403555croger.hird@argonet.co.uk> Message-ID: <010b01c04500$7b2961c0$3e0a989e@eloka> ----- Original Message ----- From: "Roger Hird" To: Sent: 27 October 2000 11:03 Subject: Re: BBFC? VCHIP-UK? > On 27 Oct, Owen Lewis wrote: > > such pedantry destroys . . . . . > > Pedantry? Come on, Mr Lewis - ukcrypto is a pedants' paradise*! Filter > out the pedantry and a large proportion of the postings would never > appear. But see further below. > > *not to say a paranoids' paradise and an obsessives' . . ah, well, my > powers of alliteration fail me. All willingly agreed. > > > the filicitous counterpoint between the two > > mottos selected. 'One of the Crown's mottos', then, should you prefer :-) > > Well, I'm not sure even there. "The Crown" in the UK tends to mean the > sovereign power - and as I remember, it used to be defined by > constitutional lawyers as the King or Queen in Parliament. As such it > does not have a motto. Now, the Sovereign personally (different thing) > has the one on her coat of arms, which is the UK's coat of arms, so the UK > - all of us - has one. But "Honi soit qui mal y pense" is not hers as > sovereign or that of the UK - it is the Order of the Garter's. What you say is a truth devoid of understanding and, thus, becomes a misrepresentation. The Garter is an order of chivalry appointment to which is at the entire discretion of the ruling monarch, one of whose forebears in person instituted it and whose successors to the present day have maintained it. The Order, and hence the motto given to it by its institutor, pertains to the monarch in person and to no jack-in-office. > More seriously, these threads have been about the actions and > responsibilities and intentions of Government and Government bodies in the > UK. This is only to do with "the Crown" in its constitutional sense. The > central constitutional theme since the 17th century has been that > Parliament is sovereign (NB - small "s"). The monarch gives her/his > authority to Parliament and in Parliament and in the administration of law > and justice acts only on the advice of her ministers. Even the prerogative > power is only excercised on advice. Those things she/he does in a > personal capacity are strictly limited (including, actually, her role as > sovereign of the Order of the Garter). So you may say and repeat a popular, or rather a populist, view in doing so. Read on. > > So while you might have made an apparently clever point it was not as > felicitous as you thought it - and it was really rather infelicitous to > link something personal to the monarch to the exercise of state power by > parliament and by ministers and their officials. Very well then, prenez garde! It's pedantry at 20 paces. Surely, you find the thought, that the state can even arrogate to itself what is and should remain at the personal will of the monarch, much to your liking? It was a part of my purpose to include that thought within my construction of incongruities. I'm sorry that your interpretation of that construction should lead you to stand with one leg each side of a widening fissure. If not uncomfortable now, do take care that position does not become so. Those who bear arms for the nation are Crown servants. They swear an oath of allegiance to the reigning monarch and 'her heirs and successors'. Such allegiance as they may owe to Parliament is at the sole pleasure of Her Majesty. Should Her Majesty so require it of them, it would not only be their duty but, to many, a welcome one, to enter the Commons's chamber and to evict the mountebanks, who squat in her Palace of Westminster, at the point of a bayonet. Such is the law of our land. A quaint anomaly is that it is not the monarch's privy purse that pays for the Armed Forces but Houses of Parliament that rely for their very existence upon Her Majesty's continuing goodwill. It is for this reason that, in its turn, Parliament ensures that the Armed Forces cannot be kept permanently in being,. It sanctions their payment and hence their continuance only for one year at a time. Thus it has been since the Restoration. Members of Parliament are not Crown servants in the way that the Armed Forces and others are but (pace Peter Mandelson, Gerry Adams et al) they are still required to swear an oath of allegiance to the monarch before they may sit in her Palace of Westminster. You may know too that those Member's of the Commons in opposition to Her Majesty's government are, collectively, known as 'Her Majesty's loyal opposition', they also being bound to the monarch in person by their oaths. The Crown is a term for the monarchical office from which all else, including the executive and parliament, draw their authority. Given that it is now a common usage to apply the term 'Crown' to mere jack's-in-office, your mistaken understanding is a commonplace but remains unforgivable in one seeking to make his reputation as a pedant. Without wishing to inhibit your right of reply, should we perhaps continue this exhibition match behind the arras of private mail? With regards, Owen From C.R.Ritson at ncl.ac.uk Thu Nov 2 14:48:40 2000 From: C.R.Ritson at ncl.ac.uk (Chris Ritson) Date: Thu, 02 Nov 2000 14:48:40 +0000 Subject: RIP questions In-Reply-To: References: <69DB54A9E557D411865000508BA704BAB1178B@MAIL2> Message-ID: <4.3.1.1.20001102144343.00af4ed0@popin.ncl.ac.uk> At 23:30 01/11/2000 +0000, you wrote: >On Wed,