ietf-openpgp

Re: Is PGP still private?

1997-10-18 02:41:11

Jon Callas <jon(_at_)pgp(_dot_)com> writes:
   > Adam Back <aba(_at_)dcs(_dot_)ex(_dot_)ac(_dot_)uk> writes:
   > >I'm not clear on this last one, but it may even be that a pgp5.0
   > >implementation knows how to reply to a CMR key also.
   
Pardon me for being testy, Adam, but I've said this before, and I do have
other things to do. 

I have been following closely list discussions and did not see this
clarified before.  My question was not intended in any hostility, but
was motivated by a desire to see this clarified.

With 5.0, it recognizes the CMRK and brings up a dialog box showing you
what you're about to do. You can always remove a CMRK using 5.0 or 5.5
personal privacy/freeware.

I applaud the privacy options that are built into pgp5.x.  The option
to remove the CMR in the pgp5.x personal privacy clients is a good
privacy option.

However, it does not help significantly in preventing this scenario:

   Even if you believe that PGP Inc will never get an export license to
   tinpotdictatorsville, there will be other companies implementing to
   the OpenPGP standard in countries with freer export regulations.
   These people if they choose to implement to the OpenPGP standard, will
   be forced to implement the CMR feature too, otherwise the software
   will not interoperate.
   
No.

Software that does not implement CMR will always interoperate with software
that does. That's a feature. 

In one sense you are correct.  However, consider:

1. If the software purposely does not implement ability to reply to
   CMR public keys users of this software can not communicate with
   that proportion of pgp5.5 for business deployed base which has
   policy enforcement turned on.

2. If pgp5.5 with policy enforcement turned on becomes more popular
   than PGP Inc anticipates with companies (and with the dictator in
   tinpotdictatorsville), vendors may find themselves under pressure to
   add the functionality even though it is a MAY in the standard,
   because users find too many messages are bouncing.

3. I expect that most will comply even though it is a MAY simply
   because without this they will not interoperate (in the useful
   sense of being able to deliver mail) to that proportion of the
   deployed base which does have pgp5.5 with policy enforcer turned on.

   Steganography, or other low bandwidth subliminal channels would work,
   but such techniques are advanced, and PGP Inc are not making similar
   scale efforts to develop and deploy these.
   
Actually, we *are* considering putting in stego and some other features.
The major deciding factor about when we do them all revolves around who
will buy them.

That was not a criticism of PGP's motives; it was a statement of PGP
Inc's natural financial restrictions as a business, which I fully
appreciate.

My reasoning is this: as PGP Inc can not justify expense on such
developments, my CDR proposal would be much safer for them to
implement because it requires no steganography support, or other
privacy patches to provide protection against abuse of the software
for uses other than PGP Inc's designers' intentions.

   Also if Padgett is using pgp5.5 himself, and he attempts to send a
   mail to someone living in tinpotdictatorsville, his client will
   cooperate with the dictator's wishes.  If the CMR mechanism were not
   used at all the dictator would find he had far less use for pgp5.6
   (with CDR in place of CMR).  This is because CDR does not provide any
   third party access to communications.  It provides third party access
   for stored data.  The dictator only has 1000 soldiers (it is a small
   dictatorship), and they can only collect backup tapes from 100 houses
   per day.  They are never sure if the citizens aren't hiding another
   machine somewhere.  The process is inefficient and costs lots of
   resources.  In fact the dictator's job is now much harder than it would
   have been were PGP to keep the CMR method.
   
You are in error. The only time that you are forced to use CMR is when (1)
you share the CMRK with the other party AND (2) the strict flag is set. In
all other cases, you can opt-out, on a message-by-message basis.

If I am in error I would like to know so that I can desist from
wasting people's time.

However I can not see that I am in error.  I have been unable to find
any PGP employees or anyone else who can present a reasoned argument
as to why I am wrong that holds up under scrutiny.  I do not think
this is because I am being closed minded on the subject.

I fully understand that "The only time that you are forced to use CMR
is when (1) you share the CMRK with the other party AND (2) the strict
flag is set. In all other cases, you can opt-out, on a
message-by-message basis."  I understood this a week ago also.

However I simply posit that if you live in a scenario where everyone
you would like to communicate is forced to operate under your
combination: for example the local laws state all businesses and ISPs
insisting that they use pgp5.5 policy enforcer and turn on strict
flag.

This possibility seems to be being discounted as unrealistic, or at
least as being optional, because you can bypass it.

I can not see that being able to bypass it helps you in my scenario
if a) you will be detected when you do bypass it because the law
enforcers will discover they can't recover plaintext; and b) you have
a "choice" of not being able to communicate with anyone, because in
practical terms you have a need to communicate. 

Adam
-- 
Now officially an EAR violation...
Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/

print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`