(following text was approved at the June 1998 TACDFIPSFKMI meeting)
Dear Mr. Secretary:
We respectfully submit the attached technical input from the “Technical Advisory Committee to Develop a Federal Information Processing Standard for the Federal Key Management Infrastructure” (TAC) for Requirements for Key Recovery Products.
The TAC is cognizant of the steps you are obligated to take under various statutes and policies to seek public comment in making your determination about implementing a Federal Information Processing Standard. However, the TAC believes significant, substantive additional work is necessary before this document will be ready for the next step in the process. Specifically, we believe that this document is not ready to be released for public comment, to be used as a basis for generation of answers to policy questions relevant to a FIPS, or to begin planning for development of implementation guidance.
With regard to this latter topic, we suggest initiating work on detailed implementation guidance, once this document is completed. Such guidance will be essential to the successful deployment of any key recovery system (KRS), since many aspects of KRS security are outside the scope of the work we have undertaken. We also urge pursuit of conformance testing based on the NVLAP model, e.g., as employed for FIPS 140-1. Because of the complexity and security sensitivity of KRS technology, we do not support vendor self-declaration of conformance.
The TAC has made substantial progress and a completed version of the work begun here could provide a basis for the development of a FIPS. However, the TAC encountered some significant technical problems that, without resolution, prevent the development of a useful FIPS. There are unresolved conflicts among some requirements. In addition, the model that underlies the product evaluation process is not yet complete.
In retrospect, the time and effort devoted to this task were not sufficient to develop an adequate set of technical requirements for a FIPS. Because the focus of this work is security, we feel that it is critically important that we produce a document that is complete, coherent, and comprehensive in addressing the many facets of this complex security technology. The attached document does not satisfy these criteria.
The TAC understands that its charter expires in July of 1998. However, the TAC has gained much experience during this process, and is willing to continue to work towards the completion of its initial charge.
As you know, TAC members were appointed for their individual expertise. The actions of the TAC do not have the explicit or implicit endorsement of the corporations or organizations with which its members are affiliated.
On behalf of the TAC, we hope that you find our efforts have been useful, and we thank you for the opportunity to work on your behalf.