New Computer Security Act
John Young
jya at pipeline.com
Wed Sep 17 23:24:07 PDT 1997
The Computer Security Enhancement Act of 1997 (HR1903)
is intended to replace the Computer Security Act of 1987.
It redefines the role of NIST in meeting federal computer security
and encryption requirements through cooperation of industry.
Public use of encryption is also addressed in the bill.
Two lengthy reports on the bill have been issued recently, both
of which provide overviews of the current encryption debate.
House Report 105-243, published on September 3, provides a
detailed analysis of the bill, hearings held, floor remarks and
mark-ups since introduction:
http://jya.com/hr105-243.txt (115K)
And one published today includes recent floor remarks on
encryption, mostly supportive of public use:
http://jya.com/hr1903-floor.htm (44K)
One point of contention is the evaluation of foreign encryption.
The original bill put that responsibility on NIST, but the latest version
deleted that and leaves the task to BXA (and unnamed others).
Moreover, there's dispute over committee jurisdiction for other
provisions.
Information security now attracts the swarm, with encryption the
moths' beacon.
More information about the cypherpunks-legacy
mailing list