From: jueneman%wotan(_at_)gte(_dot_)com
Message-Id: <9401101717(_dot_)AA04415(_at_)bunny(_dot_)gte(_dot_)com>
Date: Mon, 10 Jan 94 12:12:33 EST
Subject: Re: Non-use of PEM

Bob,

I'll have to give your request some more thought. At present, I don't
know a good way to break into the consciousness of my own corporation much
less the general Corporation.

re: your 4th point:

> 4. I would add a fourth category that might be of some interest,
> and that would be the use of digital signatures for internal purchase
> orders, travel authorization and expense reports, for strictly
> INTERNAL purposes.

This would make sense, of course, but we at Stratus have used e-mail and
custom approval structures for internal purposes since almost the founding
of the company (1980). We have on-line reqs, on-line document approval,
on-line travel arrangements (incl. an on-line travel agency), .... It's
only expense reports which aren't on-line, of your list. In general, paper
mail is almost nonexistent here. My checks are deposited electronically.
All the corporate executives read and answer their own e-mail (even though
we have over 2000 employees). In all of this time, there have been almost
no cases of fraud, even though it's not difficult for a Stratus system
programmer to masquerade as some other employee. It has happened, but not
enough to warrant some major authentication effort. If we were to
institute digital signatures, it's unlikely that every employee would be
careful about passwords and about running the signature on an unshared
piece of equipment -- so a signed message can't be trusted much more than
an unsigned message. The company just trusts unsigned electronic mail and
data because it trusts its people.

I suspect that the big problem is the one you mentioned -- that security
itself is a hard sell. There needs to be an abuse which injures someone in
charge before he'll plan to spend money. Privacy is even harder to sell
because the eavesdropper will be careful not to leave evidence of the
eavesdropping around (or to use acquired information in such a way as to
reveal the fact of the eavesdropping).

As you said, as long as it's free and painless and doesn't interfere with
normal operation, they'll accept it. Otherwise, it's difficult. My guess
is that Lotus Notes' e-mail encryption and signatures (if they were the
default) would represent the right level of effort for the user if you want
to implement these company-wide.

Meanwhile, we would need to invent a signature unit which is guaranteed
secure and trivial to use and almost free (because every employee would
need at least one -- two here at Stratus since nearly every employee has a
company-provided modem and terminal or laptop at home). I don't know any
other way to make a digital signature more secure than the underlying
system security. This all assumes that we have found a reason for the
secure signature in the first place.

------------

I disagree with you about private e-mail.

> 1. Casual use for personal e-mail privacy between coworkers
> and perhaps colleagues outside the company. I suspect that
> most companies will have relatively little interest in supporting
> such uses, and in fact might even actively discourage
> such use for fear of (1) carrying on unofficial business without
> permission, perhaps even extending to fraud, etc., (2) disclosing
> company proprietary data to outsiders without any means of
> auditing what is going on, and (3) the possibility that the company
> might become liable (or more liable) for something that was said
> by an employee, just because it was digitally signed.

I worked at a place once which tried to control employee communications
outside the company. [They might even have tried to control it inside, but
knew it was impossible.] I would not continue to work in such a place, of
course, but the real issue is that it is not possible to control people
well enough to make sure they'll be honest. You need to hire people you
trust and trust the people you have hired. Encryption does not add much if
anything to an employee's ability (1) to use corporate property for a
personal business or (2) disclose information to outsiders. As long as
signatures are loosely defined (ala RIPEM), (3) doesn't seem to be much of
a concern, but I must admit that I hadn't thought of this angle. I think
you're right, there.

Anyway, that company had laid off a good employee who went to work for Sun
and who started up a newsletter on the net for ex-employees. The company
tried to get Sun to put a stop to it. Sun's answer was that e-mail and net
access are provided as employee's rights, not to be tampered with. It's no
more possible, today, to keep information and communication contained
within a corporation than it is to prevent xeroxing of sheet music.
Technology has changed these old habits.

- Carl