ietf-openpgp

Re: CMR

1997-11-22 02:53:37

Jon Callas <jon(_at_)pgp(_dot_)com> writes:
At 04:20 PM 11/21/97 +0000, Ian Brown wrote:
   
   No, I don't. But as PGP Inc are pushing CMR as a corporate solution
   which gives the ability to snoop on employees' e-mail, I just wanted to
   point out one of the negative consequences for such unethical companies
   ;-)
   
We are doing no such thing.

Could we have some clarification on what purpose PGP is pushing the
CMR feature for?  Lots of disclaimers about what it's not for: but
what _is_ it for?  The fact that it is currently in the draft I think
entitles the WG to some kind of explanation.

PGP might not be pushing CMR for the purpose of allowing corporate
snooping; but that is what the CMR design is ideal for.

We already went through the process of showing that recovering from 
lost passphrases is better achieved with local escrow.

CMR doesn't achieve its stated purpose, weakens security, and is
politically dangerous to boot.

David Kemp was arguing for snooping:

So you accept it as a given that shredding evidence is appropriate
and desirable behavior in a free society?

Yes.  This is what Phil Zimmermann designed the pgp -w option for:
to shred files.  Communications and storage security is all about
denying third party access to communications and storage.  What better
way to deny access of communications than to destroy them after
reading.  This is what the pgp -m option is for: to discourage the
recipient from storing in plaintext.

Even if said shredding is conducted by the White House (or #10
Downing Street)?

Everything cuts two ways.  Next thing you'll be telling us sending
messages the government can't read "isn't appropriate and desirable
behaviour in a free society".

When Phil Zimmermann spoke at the Privacy International organised
conference in London he made the point that he hoped the new Labour
government would not forget the wire taps and snooping they had been
subjected to by GCHQ on the behalf of the Tory government prior to
winning the election.  He hoped they would remember these lessons, and
avoid government key escrow.

PGP Inc is firmly against government key escrow.  The name PGP must
_never_ become associated with untoward backdoors.

Companies have a perfectly legitimate need to "shred" their data after
it is no longer needed by them.  Saying that individuals or companies
must keep records to enable others to incriminate them is prior
restraint.  Some companies are required to keep various records for
periods of time.  There is no obligation to keep records after these
stipulated times, and many company communications are not kept at all,
by design.  To do otherwise would be foolhardy.  Tim May, an ex-Intel
engineer, gave the example that they had a policy of purging old
notes, papers, periodically.  He considered the purpose of this to
prevent discovery processes.

It is dangerous for companies to keep around old communications which
they no longer need.  Ian posted another example.

Why do you think companies have paper shredders?  Companies' legal
departments set policies for records keeping; several people who have
spent much time in corporate environments gave examples of destroying
old records.  The motive is obvious: to minimise information available
in a discovery process, such as Microsoft is enduring now.

Adam
