William Geiger wrote:
This is a stereotypical Strawman. "Even if PGP avoids GAK some other 3rd
party can modify it to be Gakware." Every version of PGP had the ability
to encrypt to multiple recipients. As I stated in my previous posts I can
get PGP 2.6.x to do everything 5.5 does with a couple of scripts.
Yes, but as Adam says, the average Mr. Windows can not. In any case,
this is not a narrow technical argument. Of course any system with
multiple recipients can be turned into GAKware. The point is that we
don't want to make it ANY easier for anyone to do so.
No this is not mandatory GAK compliance. Mandatory GAK compliance would be
if every copy of PGP came with a government key and the program *forced*
the user to encrypt all his messages with it.
Again, as Adam says, how long would it take for a government to
introduce legislation making this mandatory once PGP 5.5-type systems
took off? Or, more insiduously, using its purchasing power - "Federal
agencies will only buy CAK-enabled systems" - to ensure the vast
majority of systems did so.
Ok Adam here is a challenge for you:
-- Explain why Corporations do not have the right to access *their*
documents in whatever form they may be in.
Can I take this one up ;-) The point is, with *communication* keys,
corporations will have full access to the plaintext because it will be
decrypted by the recipient as soon as it arrives. I appreciate your
point about corporations being able to read *their* documents - although
doing so by snooping, without the sender's knowledge, is rather
unethical to say the least - but I don't think they have the right to
snoop on all *incoming* communications, whoever they may be from. This
is the really scary part of PGP 5.5...
explain why there were no great outcries that PGP 2.6.x is
GAKware???
...because PGP 2.6.x does not include an SMTP automatic snooping agent.
William Simpson wrote:
Let us decide _what_ the goals are, _how_ to solve the problems, and
_then_ decide the protocol details and formats to match the solution.
Absolutely. Can we start with Adam and William's proposal that we should
have three separate types of key: communication, signature, and storage.
This would be very simple to implement; probably the easiest and most
backward-compatible way would be to define a new packet type specifying
a key's usage.
Why have a communication enforcement filter, when the only usage is
supposed to be for recovering archival storage?
Absolutely. I can see the point, and appreciate the difficulties faced
by PGP Inc., in most of the CAK features of PGP 5.5. But I just can
*not* see how the twisted idea of the SMTP snooper ever came about.
Ian.