Re: GnuTLS (libgrypt really) and Postfix

[Victor Duchovni]

On Thu, Feb 16, 2006 at 09:36:16AM +1000, James A. Donald wrote:

 In the case in question, going bad means that the program appears to
 be encrypting data, but is NOT encrypting data, or is only trivially
 encrypting data.  This is far worse for the customer than an
 encryption program that simply aborts.
 

Who said the program's primary function is data security? The program
may be handling entirely public data, available from multiple sources.
One of the sources may offer opportunistic encrypt, which though
potentially useful, is inessential and mostly does no harm. It takes
hubris for libgrypt to *assume* that is functions are essential.

The dichotomy between pretending to encrypt data and exiting is false.
It is plainly correct to not encrypt any data and say so (return
errors from the encryption API).

I'm outta here. I did not expect any controversy on this point, and don't
expect views to shift dramatically. If the developers were open to the
issue, the request might have been fruitful. If they dig in their heels,
I am free to use other libraries.

-- 

 /\ ASCII RIBBON  NOTICE: If received in error,
 \ / CAMPAIGN Victor Duchovni  please destroy and notify
  X AGAINST   IT Security, sender. Sender does not waive
 / \ HTML MAILMorgan Stanley   confidentiality or privilege,
   and use is prohibited.

-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]

Sen.: White House Agrees to Spy Law Change

[feis]

Sen.: White House Agrees to Spy Law Change
By KATHERINE SHRADER, Associated Press Writer
1 hour, 35 minutes ago

Senate Intelligence Chairman Pat Roberts said he has worked out an agreement
with the White House to change U.S. law regarding the National Security
Agency's warrantless surveillance program and provide more information about
it to Congress.

We are trying to get some movement, and we have a clear indication of that
movement, Roberts, R-Kan., said.

Without offering specifics, Roberts said the agreement with the White House
provides a fix to the Foreign Intelligence Surveillance Act and offers more
briefings to the Senate Intelligence Committee.

The deal comes as the committee was set to have a meeting Thursday about
whether to open an investigation into the hotly disputed program. Roberts
indicated the deal may eliminate the need for such an inquiry. Democrats have
been demanding an investigation but some Republicans don't want to tangle the
panel in a testy election-year probe.

Whether or not an investigation is the right thing to do at this particular
time, I am not sure, Roberts told reporters while heading into the meeting.

The White House was not immediately available for comment on Roberts' statement.

Earlier in the day, White House spokesman Scott McClellan hinted at a good
discussion going on with lawmakers and praised in particular some good
ideas presented by Sen. Mike DeWine (news, bio, voting record). The Ohio
Republican has suggested the FISA law be changed to accommodate the NSA program.

However, McClellan left the impression that any deal would not allow for
significant changes. He said the White House continued to maintain that Bush
does not need Congress' approval to authorize the warrantless eavesdropping
and that the president would resist any legislation that might compromise the
program.

There's kind of a high bar to overcome, McClellan said. We think there's
some good ideas, but we have not seen actual legislation.

Separately, the Justice Department has strongly discouraged the Senate
Judiciary Committee from calling former Attorney General John Ashcroft and his
deputy to testify about the surveillance program, saying they won't have new
information for Congress about it.

Just as Attorney General Alberto Gonzales could not talk about the
administration's internal deliberations when he appeared before the committee
earlier this month, neither can Ashcroft nor his former No. 2, James Comey,
Assistant Attorney General William Moschella said in a letter to Senate
Judiciary Committee Chairman Arlen Specter, R-Pa.

The letter, written Wednesday, was obtained by The Associated Press.

In light of their inability to discuss such confidential information, along
with the fact that the attorney general has already provided the executive
branch position on the legal authority for the program, we do not believe that
Messrs. Ashcroft and Comey would be in a position to provide any new
information to the committee, Moschella wrote. He was responding to Specter's
request that the two men testify this month.

While Moschella indicated their testimony wouldn't be of value, he did not say
the committee could not call Ashcroft and Comey to appear.

The Judiciary Committee has been looking into the legality of the National
Security Agency's program. In a heated daylong hearing on Feb. 6, four
Republicans joined the committee's Democrats in raising questions about
whether President Bush went too far in authorizing the wiretapping without
court warrants.

Specter wants the secretive Foreign Intelligence Surveillance Court to review
the program's constitutionality.

Reports have indicated that Comey and others had reservations about the
program in 2004. White House Chief of Staff Andy Card and Gonzales, then the
White House counsel, visited Ashcroft about those issues while Ashcroft was in
the hospital for gallstone pancreatitis.

___

Associated Press Writer Mark Sherman contributed to this report.
http://news.yahoo.com/s/ap/20060216/ap_on_go_co/eavesdropping_4printer=1;_ylt=A86.I2Ct.vRD4L0AqQWMwfIE;_ylu=X3oDMTA3MXN1bHE0BHNlYwN0bWE-


-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]