[H-GEN] Constitutional amendments

Paul Gearon pag at tams.com.au
Fri Jun 26 03:47:49 EDT 1998


On Friday, June 26, 1998 5:05 PM, David Starkoff
[SMTP:dbs at humbug.org.au] wrote:
> On Fri, 26 Jun 1998, Paul Gearon wrote:
> Personally, I wasn't going to stipulate too much in the Constitution.
We
> don't know what's going to happen in the future regarding
cryptographic
> technology, and there are other means of authentication besides PGP or
> MD5.

I definately agree that the constitution shouldn't mention any specific
system or software by name.  Instead I'd be inclined to simply specify
digital encyption/authemtication as implemented by protocols ratified by
the commitee (or general vote).  That would lend flexibility, but at the
same time disallow people trying to encrypt official business with
something stupid like DES.

<snip>
> Being an incorporated association means that we're subject to certain
> legislation.  And, in certain circumstances, this includes the
> Corporations Law.
> 
> And, unfortunately, the legislatures, both Commonwealth and State,
aren't
> as forthright with respect to the introduction of technological
> innovations as your typical HUMBUG member.  Similarly, all indications
are
> they they don't share our faith in cryptographic protocols.

Quite correct, which is why I suggested the inclusion of these protocols
in the constitution.  Perhaps I'm just naiive (no, let me rephrase that
- I _am_ naiive) but I would think that any protocol like this could be
considered legitimate if it were specifically mentioned in something
like the constitution or a contract.  In terms of contracts, practically
anything mentioned which isn't in violation of the law can be made
enforcable.  Constitutions also regularly state that individuals must
meet certain conditions in order for something to be considered valid,
and these conditions may have no association with legislation.  Couldn't
these principles be extended to encryption protocols?

The more legally minded may be able to enlighten me here.

> I *think* that one of the provisions in the Corporate Law Review Bill,
> before Federal Parliament at the moment, states that you can't proxy
by
> fax.  I'm pretty sure that there are no provisions with respect to
other
> forms of authentication other than a vanilla signature.

So long as we stay within the realms of the law.

> Although I believe that an incorporated association (under the
> Associations Incorporation Act) is not subject to the Corporations Law
for
> most of its operations, it's still something to be aware of.  Before
we go
> rushing headlong into setting up a cryptographically secure on-line
> polling booth for executive elections.

I wouldn't want to rush into anything at all.  I was just hoping to open
up some debate about where we want to stand on it.

My concern was in case someone tried to dispute an electronic proxy
which had been authenticated.  Without careful provision in the
constitution the people using the authentication system wouldn't have a
legal leg to stand on, even if it could be proven beyond mathematical
doubt that the proxy was authentic.  Since everyone is currently happy
to use and trust systems like PGP, I figured that we could remove all
ambiguities about its use.  (Perhaps even set up a precedent for
corporate contracts   :-)

> But, at the moment, electronic proxies are in.

Nice to hear it.

Paul Gearon
gearon at computer.org

Microsoft - Where every morning is the dawn of a new error.





More information about the General mailing list