William H. Geiger III [whgiii(_at_)invweb(_dot_)net] wrote:
I don't like it. It goes against the concepts of end-to-end encryption. If
I want to send an encrypted message to someone, I want *only* that
recipient to be able to read that message, not someone down in MIS, not
some mail clerk, or god knows who else that has access to the local
network.
I think there's a definite use in corporate-land; just as when I submit an
order to a web-server I use a corporate ordering encryption key, there's
no reason why when I send an order in by email I would use a personal key
rather than a group key. Just as the web-server decrypts the order and
probably stores it in a plaintext file somewhere, the mail server can
decrypt the order and pass it in plaintext to the first available clerk.
In some cases I want to send mail to a particular person in the company,
but in most cases I just want to send it to a particular department, who
would have to either share a key or have a decryption server. As long as
PGP warns that it's a shared/server-decrypted key (there was talk of
creating an Open-PGP flag to indicate this, but I don't know whether it
happened) I don't see a problem.
And as I've mentioned before, this system solves most if not all of the
problems that CMR claims to solve, without the new problems it creates.
Mark