> Date: Tue, 20 May 1997 20:27:08 -0400
> From: Matt Blaze <email@example.com>
> Subject: RISKS of Key-Recovery Encryption
> In January 1997, an ad-hoc group of cryptographers and computer
> scientists met to explore the technical implications, risks, and costs
> of the ``key recovery'', ``key escrow'' and ``trusted third party''
> encryption systems being promoted by various governments. We have
> just completed a preliminary report of our findings.
> We have specifically chosen not to endorse, condemn, or draw
> conclusions about any particular regulatory or legislative proposal or
> commercial product. Rather, it is our hope that our findings will
> shed further light on the debate over key recovery and provide a
> long-needed baseline analysis of the costs of key recovery as
> policymakers consider embracing one of the most ambitious and
> far-reaching technical deployments of the information age.
Why would they not make any endorsements or condemnations? Just so that
people will draw our own conclusions from the reports?
> Our preliminary report is available as follows:
> On the web at:
> In PostScript format via ftp:
> In plain ASCII text format via ftp:
It's kind of interesting. Worth a look if this topic interests you at
all. There's even going to be a workshop on information hiding:
> See http://www.cl.cam.ac.uk/users/rja14/ihws.html for the call for papers.
> Papers should be submitted by 31 Dec 1997 to firstname.lastname@example.org
Actually, this is the second one:
> Details of the first (1996) information-hiding workshop are at
Moving on, red rock makes an interesting point about push...
> Remember "push" technology? Gosh, it seems like two months ago
> already. Seriously, why have 1000 times more people heard of "push"
> technology than IP Multicast?
Push has better marketing? And IP multicast is just a technology,
whereas push seems to be a way of life for some people....
> Once the oligopoly is in place, how long until the large carriers start
> merging? Maybe they'll have to, for several reasons. For example, if
> one carrier becomes a dominant player in the market to provide Internet
> service to large businesses then it can start offering quality-of-service
> guarantees within its own system, thus creating network externalities
> for its customers. Can someone explain why this won't happen? I've sat
> through a lot of lectures about the inherently decentralized nature of the
> Internet and all the geodesic this-and-that, including lectures by people
> who claim to be authorities on telecom economics, but I still haven't
> gotten anything like an explanation of why the Internet is any different
> in its fundamental economics from the phone system.
Fundamentally, the service model IS the same.
> The fight over domain names illustrates what I mean. Domain names are a
> lot like telephone numbers, and the fight over domain names is a Keystone
> Kops parody of the longstanding dispute about phone numbers in analyses
> of telecom competition. The level of ideology here is amazing. First the
> government, seized by the private-good-public-bad logic that substitutes
> for thought these days, decided to privatize the issuance of domain names
> -- by simply handing over the function to a private firm. This isn't just
> happening with domain names, of course. It's also happening with water
> utilities and all sorts of other essential services worldwide. But let's
> focus on domain names.
> Government services might be clunky and drab, but at least they are
> subject to some kind of democratic accountability, for example through
> being hassled by members of Congress when they make people mad. Private
> monopolies operate under no such constraints, and in any normal world we
> would be unmystified by the dramatic deterioration in domain-name service
> since the government stopped doing it. If you're going to privatize
> domain name service, or anything else, you need to create the conditions
> for a fair market. That's what telecom policy is all about. If you
> want a fair market in phone service, people need to be able to move their
> phone numbers from one carrier to another without significant expense.
> Likewise, if you want a fair market in domain service, people need to be
> able to move their domain names from one service to another. Doing this
> neatly and cleanly is a very technical matter, and it turns out that small
> details of the rules can make a big difference as a practical matter in
> the fairness of the marketplace. And so why is this knowledge not being
> applied to the Internet? Because the myth of the "vast and unregulated
> Internet" keeps short-circuiting our brains.
> So what's the deal here? Do I favor centralization? Is that why I keep
> making these inconvenient arguments? No, I believe in a decentralized
> distribution of power in society. What I disagree with is arguments that
> technological developments will, all by themselves, bring us that kind
> of society. Those arguments are, so far as I can tell, pure stipulation.
> And what's this stuff about regulation? Am I in *favor* of regulation?
> Regulation isn't inherently good; I do not have, as one Internet rhetor
> put it, a psychotic need to control people. I want a telecommunications
> infrastructure that can support a democratic society. In pursuit of that
> goal, I think hard about the interactions between technology, economics,
> and policy, I write down whatever conclusions I come to, and I hope that
> democratic societies care enough to take the effort to stay democratic.
Yes, us too...
Moving on to Microsoft...
> My most recent rant about Microsoft was certainly over the top in its
> rhetoric, but long-time readers of this list are aware of the substantive
> analysis that backs it up. My message was apparently posted to some
> other lists, whose members wrote me all sorts of poignant messages of
> the sort that result from lack of understanding of economics. Some of
> these messages included detailed catalogues of every mistake that MS's
> competitors have ever made. These analyses miss the point, however, until
> they explain in structural terms why such mistakes could lead to such
> catastrophic and irreversible defeats.
> Particularly poignant were the messages from the good and talented people
> who work in the trenches of MS, talking with users and making deadlines
> without seeming to understand their own company's strategy or the economic
> dysfunctions that allow that strategy to work. If all you've heard is the
> usual stuff about markets -- the quaint 18th century theory of supply and
> demand that has little to do with the high-technology markets of the 21st
> century -- then any claim that inferior products dominate a market will
> inevitably seem to imply that customers are stupid, that employees are
> stupid, or that big bad government is meddling. It is not so, and none of
> these implications has any part of my argument.
> Nor are MS's products uniformly bad. MS's componentization and object
> strategies are aligned with broad trends in the industry, and are just as
> competent as the competition's -- just more proprietary. The stuff about
> market dysfunctions is just a broad generalization; each market, and each
> technical feature, has to be analyzed in its own terms. And, like most
> people, I expect big things from the world-class people that MS has been
> hiring in the last year or so, particularly in computer graphics. Dollars
> to donuts says those big things will employ proprietary standards whenever
> possible, but they will be big nonetheless. The point, then, is not that
> MS produces bad software through any kind of character failing. Nor is
> the point that the market is specifically selecting for poor quality. The
> point, rather, is that the dysfunctions of high-technology markets often
> reward other things besides quality, for example the highly developed
> strategies by which proprietary standards come to be entrenched in markets
> due to the obscure wonders of network externalities. This is not the only
> force in the market, but neither is it a marginal force.
The dysfunctions of high-technology markets often reward other things
besides quality. I love that.
> Recent reporting on Microsoft: Ken Auletta has a longish article on Nathan
> Myhrvold's legendary memoranda in the 5/12/97 New Yorker (they really
> didn't see the Internet coming), and the 5/26/96 issue of Fortune includes
> a good article on Microsoft's NT strategy. Look at MS's strategy with
> both Windows and Office: starting with a system that enjoys overwhelming
> market share and whose position is reinforced by network effects, then
> successively adding components to that core system that compete with
> applications companies, compensating if necessary for the relatively poor
> quality of those components by drawing on immense cash reserves and a vast
> distribution system to cut prices until network effects take hold. Next,
> imagine what would happen if MS could generalize that strategy to NT and
> If you can't get the word "scalability" out of your head then
> you get the picture.
What happened on Scalability Day anyway? Anyone?
> A directory of anti-Microsoft Web sites can be found at
> I can't say that I was enlightened by the few that I clicked on at
> random, but maybe others will find something of value.
I didn't find anything enlightening here either.
Moving on, to turtles on turtles on turtles...
> I recommend an interesting online newsletter called "Above the Crowd",
> edited by J. William Gurley of Deutsche Morgan Grenfell and described as
> "a bi-weekly publication focusing on the evolution and economics of the
> Internet". To subscribe, send a message to email@example.com
> with the word "subscribe" in the body. I would forward an issue to RRE,
> but it's copyrighted and I haven't gotten any response to my request for
> reprint permission.
The latest issue was pretty good.
> John Ousterhout has an interesting rant against Java at
> The Usability Professionals' Association is at http://www.upassoc.org/
:) Another interesting one.
> As a frequent user of the Lynx Web browser for plain-ASCII terminals,
> I've found the Web becoming less and less Lynx-friendly, and in more and
> more gratuitous ways. Now, thanks to http://world.std.com/~adamg/we.html ,
> I have a name for this syndrome: these sites have been dehanced for Lynx.
> Check out their links to particularly dehanced sites, as well as their
> style tips for Lynx-compatibility.
:) I like this a lot, too.
> Recommended records, all of which can be described as "folk".
> Steve Earle, I Feel Alright (Warner, 1996). Excellently produced electric
> white-boy blues by a guy who's wrestling full-time with the devil himself.
I like this album, too.
> "experts such as Metcalfe predict similar
> types of outages next year as telecommunications companies and Internet
> providers struggle to keep up with demand". But this struggle would
> still be taking place if users paid for Internet routing by the packet,
> given the rapid increase in demand. Is that increased demand a result
> of economic distortions that underprice the service? If it was then the
> companies wouldn't be investing all that money to provide the services.
> Will these experts eventually suffer the same mockery as the scientists
> who have been predicting for however many decades that the whole global
> ecosystem will collapse real soon now? I hope not. What I hope is that
> everyone recognizes that modern information and communications services
> operate by very different rules than the commodities that motivated the
> simple classical supply-and-demand stories in the 18th century. Many
> economists already recognize this, and I hope it's their thinking that
> is reflected in coming generations of the Internet architecture and not
> that the ideology of those who simply cannot stand to see anybody eat a
> free lunch. Of course, I'm arguing with a newspaper article here. Maybe
> the liberal media have tried to make Bob's argument sound stronger than
> it is. [And, I would note here in May, that Bob did eat his words, just
> as he promised.] My point is simply that we shouldn't slip into an easy
> equation between technical difficulties and delays on the Internet and the
> need to erode the practice of flat-rate pricing.
Man, the flat-rate pricing model needs fixing...
Everyone's a little queer, why can't she be a little straight? I'm told
she's a lesbian, I thought I had found the one. We were good as married
in my mind, but married in my mind's no good. Pink triangle on her
sleeve, let me be the one.