10 November 1997
Source: Mail list cypherpunks@toad.com

Date: Mon, 10 Nov 1997 08:50:20 -0800 (PST)
From: Declan McCullagh <declan@well.com>
To: fight-censorship@vorlon.mit.edu, cypherpunks@toad.com
Subject: President's critical infrastructure commission and crypto

---------- Forwarded message ----------
Date: Sat, 08 Nov 1997 20:36:10 -0500
From: Kawika Daguio <KDAGUIO@aba.com>
To: fight-censorship-announce@vorlon.mit.edu, declan@well.com
Subject: FC: President's critical infrastructure commission and crypto -Reply

I worked with the PCCIP and the National Security Telecommunications 
Advisory Council on their recent infrastructure assurance reports.  
The financial sector received high marks and won praise from both groups.
We shared more information about ourselves and our systems than anyone 
other than the regulators have ever seen.  The investigators were 
impressed, as would you be if you were to see the unreleased parts of 
the report.  

I expect, however, that much of the report will never be released.

Some of the information we shared included pictures, and physical 
locations (addresses, floor diagrams), and network diagrams 
identifying payment system and other financial sector traffic and 
infrastructure.  These kinds of data were shared only because of the 
protective terms of the information sharing understandings.  This 
information will not be made public as long as it remains sensitive.  

Other information about the specific security infrastructures or the 
typical security infrastructures employed by banks and the ways we 
prevent, detect, contain, and pursue compromises is also sensitive.

I would hope that those seeking information about the unreleased 
portions of the report recognize our interest in protecting sensitive 

my opinion
my employer's may differ
kawika daguio

Note: Kawika Daguio works with the American Bankers Association. See the unclassified version of the PCCIP report: http://www.pccip.gov/report_index.html