Interesting People mailing list archives
Policies for dealing with insecurely certified email
From: John Gilmore <gnu () toad com>
Date: Sun, 01 Aug 93 14:05:48 -0700
The education process that is in front of almost all of us in bringing corporate management and the legal and financial community up to speed and into agreement on all these issues is rather daunting.)
Especially when we don't even agree. I find all this talk of 'good guys' and 'bad guys' disconcerting. I thought that we were deploying PEM to *enable* secure communication, not to *disable* it. I thought that people's emailed messages would be evaluated based on their content, not based on who they know or what `in-group' they are a part of. Let's not implement automated redlining and blacklisting now that we have this great email network that connects everyone... Bob, perhaps you can explain why you said:
For example, if the President chooses to implement a local policy for White House staff that prevents encrypted communication with someone who refuses to adequately identity himself, e.g., someone certified under the Persona PCA, (not an unreasonable policy, I should think)
I guess they should turn off all the telephones except from authorized callers, too. And refuse to open postal mail that doesn't come with an FBI-certified return address. Might as well run the email through metal detectors, too. Richard Nixon would love such a `Fortress White House' policy. Somehow it doesn't seem the Clinton style, though. Would the policy prevent *unencrypted* communication with someone who doesn't use PEM at all? Would it disenfranchise non-PEM users, or Persona users, from communicating with the White House at all? The Supreme Court has already decided that it's unconstitutional to require that a *publication* identify who it came from. In Talley v. California, 362 U.S. 60 (1960), they declared a Los Angeles ordinance `void on its face' because it required that handbills provide a name and address. The handbills in question provided the identification "National Consumers Mobilization, Box 6533, Los Angeles 55, Calif; PLeasant 9-1576" (the equivalent of a few Persona addresses). The city decided decided that this didn't meet the statute, which required the true name and address of the owner or manager of the organization. The Supreme Court said, "There can be no doubt that such an identification requirement would tend to restrict freedom to distribute information and thereby freedom of expression. ... Anonymous pamphlets, leaflets, brochures and even books have played an important role in the progress of mankind. Persecured groups and sects from time to time throughout history have been able to criticize oppressive practices and laws either anonymously or not at all. ... Two Puritan Ministers, John Penry and John Udal, were sentenced to death on charges that they were responsible for writing, printing, or publishing books. Before the Revolutionary War colonial patriots frequently had to conceal their authorship or distribution of literature that could easily have brought down on them prosecutions by English-controlled courts. Along about that time the Letters of Junius were written and the identity of their author is unknown to this day. Even the Federalist Papers, written in favor of the adoption of our Constitution, were published under fictitious names. It is plain that anonymity has sometimes been assumed for the most constructive purposes." The Court has upheld this policy in numerous other cases (e.g. Brown v. Socialist Workers Party (1982), Thornburgh v. American College of Obstetriticans and Gynecologists (1986)). My strong suspicion is that any such policy in the White House would also be declared unconstitutional. (This case involves the right to petition the government for redress of grievances, rather than the right to publish, but both are important civil rights in which anonymity is key to having unpopular opinions heard.) There are really two issues here: Whether it's a a good idea to block email from non-securely-identified parties, and whether it's constitutional for the government to do so. I hope I've convinced you of the second. Let's talk about the first. John ------- End of Forwarded Message
Current thread:
- Policies for dealing with insecurely certified email John Gilmore (Aug 01)