by ziddoap 425 days ago
To reduce any risks, almost everything PKI-related is conducted in public, is auditable by anyone, and is a cooperation between dozens of distinct entities located globally.

This is not analogous to a single government having non-transparent, non-auditable access to decrypt communications of its own citizens.

Then set up the system to be more analogous. Make the publication of key issuance under this mechanism public after a period of time.

Again, I see us falling back into an "all or nothing" view of privacy and I just don't think those are the only options.

>Then set up the system to be more analogous. Make the publication of key issuance under this mechanism public after a period of time.

That (somewhat, barely) addresses one of ~dozen issues with the proposal.

>Again, I see us falling back into an "all or nothing" view of privacy

Not to be too pedantic, but I think the distinction between privacy and encryption is incredibly important: almost everyone agrees that privacy is a gradient. The disagreement is whether or not encryption can be a gradient. Most people do not think it can reasonably be without undermining ~everything relying on it.

I get the hostility towards it - as I've said elsewhere, it's practically an article of faith in our community that strong encryption == unalloyed good. And clearly it needs a lot of thinking to address potential abuse. But we've done it for other things.

> Not to be too pedantic, but I think the distinction between privacy and encryption is incredibly important: almost everyone agrees that privacy is a gradient. The disagreement is whether or not encryption can be a gradient. Most people do not think it can reasonably be without undermining ~everything relying on it.

That is a fair criticism. I would answer that by saying that encryption is just a technology, and you can employ it in very flexible ways (including e.g. n-of-m style keys) which if thought through well and legislated carefully could give the authorities more reasonable access to data when it is legally warranted.