Return-Path: <sentto-279987-4559-1015363064-fc=all.net@returns.groups.yahoo.com> Delivered-To: fc@all.net Received: from 204.181.12.215 [204.181.12.215] by localhost with POP3 (fetchmail-5.7.4) for fc@localhost (single-drop); Tue, 05 Mar 2002 13:19:12 -0800 (PST) Received: (qmail 17309 invoked by uid 510); 5 Mar 2002 21:18:03 -0000 Received: from n26.groups.yahoo.com (216.115.96.76) by all.net with SMTP; 5 Mar 2002 21:18:03 -0000 X-eGroups-Return: sentto-279987-4559-1015363064-fc=all.net@returns.groups.yahoo.com Received: from [216.115.97.163] by n26.groups.yahoo.com with NNFMP; 05 Mar 2002 21:00:21 -0000 X-Sender: skolyamibyor@yahoo.com X-Apparently-To: iwar@onelist.com Received: (EGP: unknown); 5 Mar 2002 21:17:44 -0000 Received: (qmail 87506 invoked from network); 4 Mar 2002 17:42:12 -0000 Received: from unknown (216.115.97.172) by m9.grp.snv.yahoo.com with QMQP; 4 Mar 2002 17:42:12 -0000 Received: from unknown (HELO web21003.mail.yahoo.com) (216.136.227.57) by mta2.grp.snv.yahoo.com with SMTP; 4 Mar 2002 17:42:11 -0000 Message-ID: <20020304174210.95680.qmail@web21003.mail.yahoo.com> Received: from [216.179.3.158] by web21003.mail.yahoo.com via HTTP; Mon, 04 Mar 2002 09:42:10 PST To: iwar@yahoogroups.com, Information Warfare Mailing List <iwar@yahoogroups.com> In-Reply-To: <200203041532.g24FWON05367@red.all.net> From: skolyamibyor <skolyamibyor@yahoo.com> X-Yahoo-Profile: skolyamibyor Mailing-List: list iwar@yahoogroups.com; contact iwar-owner@yahoogroups.com Delivered-To: mailing list iwar@yahoogroups.com Precedence: bulk List-Unsubscribe: <mailto:iwar-unsubscribe@yahoogroups.com> Date: Mon, 4 Mar 2002 09:42:10 -0800 (PST) Subject: Re: [iwar] [fc:Security.Systems.Standards.and.Certification.Act] Reply-To: iwar@yahoogroups.com Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Too little and way too late for your buddy Bugs. --- Fred Cohen <fc@all.net> wrote: > Security Systems Standards and Certification Act > > Sponsors: Sen. Fritz Hollings (D-S.C.), chairman of > the Senate Commerce > committee, and Sen. Ted Stevens (R-Alaska). Draft > dated August 6, 2001. This > bill has not been introduced as of September 7, > 2001. > > Keystroked by Declan McCullagh, all typos his. > Comments in [brackets] are > his. The bill is 19 pages long; much of the text is > summarized and placed in > brackets. > > Complete text of SSSCA draft (2.5 MB PDF file): > > <a > href="http://cryptome.org/sssca.htm">http://cryptome.org/sssca.htm> > (now in > HTML) > <a > href="http://gnu-darwin.sourceforge.net/sssca-draft.pdf">http://gnu-darwin.sourceforge.net/sssca-draft.pdf> > <a > href="http://www.nullify.org/sssca-draft.pdf">http://www.nullify.org/sssca-draft.pdf> > <a > href="http://sites.inka.de/risctaker/sssca-draft.pdf">http://sites.inka.de/risctaker/sssca-draft.pdf> > <a > href="http://www.parrhesia.com/sssca-draft.pdf">http://www.parrhesia.com/sssca-draft.pdf> > > Title I -- Security System Standards > > Sec. 101: Prohibition of Certain Devices > > (a) In General -- It is unlawful to manufacture, > import, offer to the > public, provide or otherwise traffic in any > interactive digital device that > does not include and utilize certified security > technologies that adhere to > the security system standards adopted under section > 104. > > (b) Exception -- Subsection (a) does not apply to > the offer for sale or > provision of, or other trafficking in, any > previously-owned interactive > digital device, if such device was legally > manufactured or imported, and > sold, prior to the effective date of regulations > adopted under section 104 > and not subsequently modified in violation of > subsection (a) or 103(a). > > Sec. 102: Preservation of the Integrity of Security > > An interactive computer service shall store and > transmit with integrity any > security measure associated with certified security > techologies that is used > in connection with copyrighted material or other > protected content such > service transmits or stores. > > Sec. 103: Prohibited Acts > > (a) Removal or Alteration of Security -- No person > may -- > > (1) remove or alter any certified security > technology in an interactive > digital device; or > > (2) transmit or make available to the public any > copyrighted material or > other protected content where the security measure > associated with a > certified security technology has been removed or > altered. > > [Summary: Personal TV/cable/satellite time-shifting > copies normally must be > allowed by certified security technologies] > > Sec. 104: Adoption of Security System Standards > > [Summary: The private sector has 12 months to agree > on a standard, or the > Secretary of Commerce will step in. Industry groups > that can participate: > "representatives of interactive digital device > manufacturers and > representatives of copyright owners." If industry > can agree, the secretary > will turn their standard into a regulation; if not, > normal government > processes apply and NTIA takes the lead. The > standard can be later modified. > The secretary must certify technologies that adhere > to those standards. > Also: "The secretary shall certify only those > conforming technologies that > are available for licensing on reasonable and > nondiscriminatory terms." > FACA, a federal sunshine law, does not apply, and an > antitrust exemption is > included.] > > Sec. 108: Enforcement > > The provisions of section 1203 and 1204 of title 17, > United States Code, > shall apply to any violation of this title as if -- > > (1) a violation of section 101 or 103(a)(1) of this > Act were a violation of > section 1201 of title 17, United States Code; and > > (2) a violation of section 102 or section 103(a)(2) > of this Act were a > violation of section 1202 of that title. > > Sec. 109. Definitions > > In this title: > > (1) Certified security technology -- The term > "certified security > technology" means a security technology certified by > the Secretary of > Commerce under section 105. > > (2) Interactive computer service -- The term > "interactive computer service" > has the meaning given that term in section 230(f) of > the Communications Act > of 1984 (47 U.S.C. 230(f)). > > [Note: According to 47 U.S.C. 230(f), an > "interactive computer service" > means "any information service, system, or access > software provider that > provides or enables computer access by multiple > users to a computer server, > including specifically a service or system that > provides access to the > Internet and such systems operated or services > offered by libraries or > educational institutions."] > > (3) Interactive digital device -- The term > "interactive digital device" > means "any machine, device, product, software, or > technology, whether or not > included with or as part of some other machine, > device, product, software, > or technology, that is designed, marketed or used > for the primary purpose > of, and that is capable of, storing, retrieving, > processing, performing, > transmitting, receiving, or copying information in > digital form." > > (4) Secretary -- The term "Secretary" means the > Secretary of Commerce [Takes > effect at the date of enactment, except for sections > that wait for federal > standard.] > > Title II -- Internet Security Initiatives > > [Summary: Creates 25-member federal "Computer > Security Partnership Council." > Funds NIST computer security program at $50 million > starting in FY2001, > increasing by $10 million a year through FY2006. > Funds computer security > training program starting at $15 million in FY2001. > Creates federal > "computer security awards." Requires NIST to > encourage P3P and similar > privacy standards] > > Penalties summarized (by Declan): > > Criminal penalties apply to violations of sec. 102 > or 103(a)(2). That > includes the "interactive computer service shall > store and transmit" without > removal section, and the distribute "any copyrighted > material or other > protected content where the security measure > associated with a certified > security technology has been removed or altered." > > The criminal penalties are: "(1) shall be fined not > more than $500,000 or > imprisoned for not more than 5 years, or both, for > the first offense; and > (2) shall be fined not more than $1,000,000 or > imprisoned for not more than > === message truncated === __________________________________________________ Do You Yahoo!? Yahoo! Sports - sign up for Fantasy Baseball http://sports.yahoo.com ------------------------ Yahoo! Groups Sponsor ---------------------~--> Tiny Wireless Camera under $80! Order Now! FREE VCR Commander! Click Here - Only 1 Day Left! http://us.click.yahoo.com/nuyOHD/7.PDAA/yigFAA/kgFolB/TM ---------------------------------------------------------------------~-> ------------------ http://all.net/ Your use of Yahoo! Groups is subject to http://docs.yahoo.com/info/terms/
This archive was generated by hypermail 2.1.2 : 2002-12-31 02:15:04 PST