At 12:14 PM -0700 10/15/97, Rick Smith wrote:
While I think that a variety of robust and successful products will proably
emerge that support various types of key recovery, I strongly agree with
Tim on engineering grounds: Keep It Simple, Stupid.
When it comes to deciding on the contents of a standard, let's keep in mind
that we're working with a relatively new technology. We'll make more
progress by standardizing proven concepts, and these integrated key
recovery hacks don't have the operating history that vanilla PGP has. If
anything, my experience with Guard keying suggests that the proposed
mechansims aren't enough. The problem has more hair than our sheepdog.
I don't think the protocol standard needs to take a political statement
about key recovery mechanisms, but it *must* outline the protocol's
traditional security objectives pretty much the way Tim outlined them. That
sets the context for a robust protocol that has a successful history.
Thanks for the comments, and the support is nice, too.
As Rick notes, the whole "foobar recovery" (where foobar may be plaintext
messages or keys) technology is untested, besides being dangerous in
various ways.
It represents an escalation of complexity, both for the users and the
developers. (My message is being directed at the OpenPGP folks trying to
figure out what features to support, not to PGP, Inc., which can make its
own decisions about how to spend its engineering and marketing
resources...though I hope they are taking the reactions of many of us to
heart.)
At this stage, where governments of the world are planning to make foobar
recovery mandatory (either GAK or GAP), it's a bad time to launch an
untested and potentially dangerous technology. As others have noted,
Congress is already using PGP's support of message recovery as evidence
that industry can rise to the challenge of providing message recovery for
law enforcement.
OpenPGP needs to stick to basics. And PGP, Inc. needs to get back to basics.
--Tim May
The Feds have shown their hand: they want a ban on domestic cryptography
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money,
ComSec 3DES: 408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets,
Higher Power: 2^2,976,221 | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."