In response to the Philip Hallam-Baker message below with his
   IETF draft, posted on Cryptome, these responses have been offered:
   1. A 1997 paper: "Kleptography: Cryptography Against Cryptography,"
   by Adam Young and Moti Yung.
   [1]http://link.springer.com/chapter/10.1007%2F3-540-69053-0_6
   "Kleptography: persuading the party to be intercepted to use a
   form of crypto that the attacker knows they can break."
   2. "Phil's background as Verisign's principal designer is wellknown,
   and so are his design efforts in 'certificates, cert crypto and secure
   dns'. Lesser known are his friendships with the 'men-in-black'."
   -----

     Date: Wed, 11 Sep 2013 16:30:50 -0400
     From: Phillip Hallam-Baker <hallam@gmail.com>
     To: "cryptography@metzdowd.com" <cryptography@metzdowd.com>
     Subject: [Cryptography] Summary of the discussion so far
     I have attempted to produce a summary of the discussion so far for
     use as a requirements document for the PRISM-PROOF email scheme.
     This is now available as an Internet draft.
     [2]http://www.ietf.org/id/draft-hallambaker-prismproof-req-00.txt
     I have left out acknowledgements and references at the moment. That
     is likely to take a whole day going back through the list and I
     wanted to get this out.
     If anyone wants to claim responsibility for any part of the doc then
     drop me a line and I will have the black helicopter sent round.
     --
     Website: [3]http://hallambaker.com/
     _______________________________________________
     The cryptography mailing list

References

   1. http://link.springer.com/chapter/10.1007/3-540-69053-0_6
   2. http://www.ietf.org/id/draft-hallambaker-prismproof-req-00.txt
   3. http://hallambaker.com/