Adam Back <aba(_at_)dcs(_dot_)ex(_dot_)ac(_dot_)uk> wrote:-
Specific questions relating to the standard are perhaps:
- Are the certificate flags informing the recipient that
communications to a key is escrowed, and that email which is not
encrypted to the escrow key will be bounced expected to be part of the
Open PGP standard.
In my view there is absolutely NO point it attempting to prescribe what
applications may or may not do beyond inter-operatability. You may have
recommendations for what users should demand and accept, but you shouldn't
be attempting to enforce those views on users or application writers.
- Can a conforming application ignore the key escrow flags?
Yes, but if the recipient's company runs PGPInc.'s screening SMTP server
you need an envelope that at least appears to be encrypted to the escrowed
key.
There are two approachs:-
1) Automatically double encrypt. Provide a escrow key access only to the
outer layer of encryption.
2) Include a PKE packet for the escrow key containing the wrong value as
session key.
I don't think that IETF should say which of the available options that
application should present to the user. However any software I write will
include options for humouring escrow arrangements without leaking
information whereever this is possible.
Ian
--
Ian_Miller(_at_)bifroest(_dot_)demon(_dot_)co(_dot_)uk FAI-D10204
PGP Fingerprint: 2A20 4610 E596 2740 91B1 95BA CAD3 BC14
Antworten auf Deutsch waeren mir angenehm.