ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Key Escrow Issues

1997-10-10 17:49:18
from [William H. Geiger III] [Permanent Link] 
-----BEGIN PGP SIGNED MESSAGE-----

In <343DED32(_dot_)D61C7C0C(_at_)cs(_dot_)ucl(_dot_)ac(_dot_)uk>, on 10/10/97 
   at 03, Ian Brown <I(_dot_)Brown(_at_)cs(_dot_)ucl(_dot_)ac(_dot_)uk> said:


PGP 5.5 does not distingush between communication keys and storage keys.
Communication keys MUST NOT GAK.



Absolutely. I thought this was one thing we *had* managed to establish.
Was PGP Inc. getting overwhelming feedback from customers that this
wasn't the case?


I have to disagree on different levels here.

1) E-mail is not just communication but is document storage too. Wether
this is a good thing or a bad thing is not an issue but the fact that it
is being used in this manner is.

2) Corporate Access to Plain Text. This seems to be the issue that rubs
people the most. They don't like the ideal of a company reading it's
employees mail. Well documents generated in a e-mail system are company
documents. Plain and simple, I have yet to see a convincing argument that
a company does not have a right to access it's own document.

3) PGP 5.5's Corporate Access to Plain Text is not GAK, and it is not Key
Escrow. No one is getting access to a users private keys. GAK is
"Government Access to Keys", Key Escrow is the escrowing of keys. Neither
of these things are happening here. What is happening here is Corporate
Access to Plain Text. If you don't like CAPT then one needs to provide a
reasonable argument why a company does not have the right to it's own
documents. If you don't like technical details of how PGP 5.5 provides
CAPT then you should drop the politicization of what should be a technical
discussion.

- -- 
- ---------------------------------------------------------------
William H. Geiger III  http://www.amaranth.com/~whgiii
Geiger Consulting    Cooking With Warp 4.0

Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 2.6.3a at: http://www.amaranth.com/~whgiii/pgpmr2.html                 
       
- ---------------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a
Charset: cp850
Comment: Registered_User_E-Secure_v1.1b1_ES000000

iQCVAwUBND7PSo9Co1n+aLhhAQHyrAP9H7rGf3bS4kDkTets/NOE9Be48WEK8Rs7
jtox+eJS9QCoJChS1j+Zsqp+tRelW++oGrXIlav/urLqE40Ti8O4TL8CsJ5hWAR3
Y9/aoZI8298WIDvPD4h0brCpREDOa0lIJ76ACFqYehABwreLYYg+Va3KkDteeFfW
VUtyouSYgL8=
=FR7l
-----END PGP SIGNATURE-----
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: PGP CAKware & IETF controlled Open-PGP standard, Hal Finney
Next by Date:  Re: PGP CAKware & IETF controlled Open-PGP standard, Andrew Bromage
Previous by Thread:  Re: Key Escrow Issues, Ian Brown
Next by Thread:  PGP CAKware & IETF controlled Open-PGP standard, Adam Back
Indexes:  [Date] [Thread] [Top] [All Lists]