[Top] [All Lists]

Re: Just say NO to key escrow or CMR/ARR revisited

1997-11-05 09:50:56
On Wed, Nov 05, 1997 at 09:47:42AM +0000, Ian Brown wrote:

A completely bogus crux.  In *both cases* we are talking about
encrypted email.  Therefore, in both cases we are talking about data
sent across an insecure network.  Therefore, in both cases the FBI has
access to the ciphertext.  In either case, data that doesn't get sent 
across an insecure network is not the issue.

Forward secrecy in email is an orthogonal issue to CMR/key escrow.

Forward secrecy in email is orthogonal to this post.

In a CMR scheme, with a mandated government recipient, the ciphertext is
sent across an insecure network. There it can be intercepted and read by
any interested TLA.

In an escrow scheme - with escrow of either decryption keys or
ciphertext encrypted to a company/FBI key *inside an organisation* -
ciphertext *outside* the organisation is not encrypted to anyone except
the recipient. It can be intercepted but not read.

You are not making any sense here.  CMR doesn't automatically give 
keys to anyone.

No, I didn't say that. With a mandated government recipient, no keys
need to be handed over. The ciphertext can be read as is.

The usual rule of thumb is that you should compare oranges and

With mandated escrow of all keys to the FBI the ciphertext can be 
read as is, just as well.

Neither CMR nor CKE say anything about "mandated government access". 
Either of them can be perverted by requiring it.  And either such
perversion would require a huge infrastructure of some sort or

Personally, I prefer CKE to CMR, because after you filter out all the
FUD there actually is a serious and real problem here: organizational
management of large numbers of keys.  CKE more directly addresses 
this problem.  CMR merely puts off the problem a while.

It is my belief that *any* solution to this problem can be perverted
by governments, as well.  That's unfortunate, but it doesn't make the
problem go away.  As being online becomes more and more important and
common, large organizations need to use encryption for organizational

Kent Crispin                            "No reason to get excited",
kent(_at_)songbird(_dot_)com                    the thief he kindly spoke...
PGP fingerprint:   B1 8B 72 ED 55 21 5E 44  61 F4 58 0F 72 10 65 55