Re: Just say NO to key escrow or CMR/ARR revisited

1997-11-05 06:09:40

In <346040BE(_dot_)CC04D7C0(_at_)cs(_dot_)ucl(_dot_)ac(_dot_)uk>, on 11/05/97 
   at 04:47 AM, Ian Brown <I(_dot_)Brown(_at_)cs(_dot_)ucl(_dot_)ac(_dot_)uk> 


A completely bogus crux.  In *both cases* we are talking about
encrypted email.  Therefore, in both cases we are talking about data
sent across an insecure network.  Therefore, in both cases the FBI has
access to the ciphertext.  In either case, data that doesn't get sent 
across an insecure network is not the issue.

Forward secrecy in email is an orthogonal issue to CMR/key escrow.

Forward secrecy in email is orthogonal to this post.

In a CMR scheme, with a mandated government recipient, the ciphertext is
sent across an insecure network. There it can be intercepted and read by
any interested TLA.

In an escrow scheme - with escrow of either decryption keys or ciphertext
encrypted to a company/FBI key *inside an organisation* -
ciphertext *outside* the organisation is not encrypted to anyone except
the recipient. It can be intercepted but not read.

You are not making any sense here.  CMR doesn't automatically give 
keys to anyone.

No, I didn't say that. With a mandated government recipient, no keys need
to be handed over. The ciphertext can be read as is.

This argument against CMR is getting old and is as flawed as when it was
first brought up. :(

Plain and simple, with or without CMR, if the government is going to pass
laws requiring that all messages be encrypted with a government key, then
you are f**ked, plain and simple. CMR is not required for them to do it;
plain old PGP 2.6 will work just as well. If they are going to start
passing draconian laws in regards to encryption, nothing done here will be
of any importance, as they will outlaw anything that does not conform
(voluntary GAK will never work and they know it).

Debating what should or should not be in the Open-PGP specs based on what
law some government may or may not pass in the future does not have a
place here. I propose that the FBI/CIA/NSA et al. will get laws passed
banning the use of all crypto, therefore we should drop everything, pack our
bags, and go on home.

-- 
---------------------------------------------------------------
William H. Geiger III
Geiger Consulting    Cooking With Warp 4.0

Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 2.6.3a at:                 
---------------------------------------------------------------