
At 3:02 AM -0700 10/22/97, mark@unicorn.com wrote:
> The current system sends out a user's personal key, with a tag to say that if I don't encrypt to the company as well, my mail will bounce. But think about this: how often do I want to send email to a particular person in a company, and ensure that only they see it? And how often do I want to send mail to a particular group inside a company? All I want is to ensure that I get a response from the company, I usually don't care who I talk to in the process.
Our mileages apparently vary. When _I_ send a message to, say, Jon Callas at PGP, Inc., it is to Jon Callas, not to others. It might be a job offer, it might be an invitation for him to help monkeywrench CMR, it might be a stock tip, it might be a comment about a conversation we had at a party, it might be a lot of things. If I was sending it to "Jon's coworkers in Department Z," I probably either wouldn't encrypt it at all, or would (if the option existed) encrypt to some departmental or group key.

In fact, addressing your "how often do I want to send email to a particular person in a company, and ensure that only they see it?" point, I'd say that virtually all I've sent is of this "to one person and not to others" sort. Sure, sometimes I send bug reports to software vendors and to my ISP, and then I don't know, or care, who reads it. But if I send mail to Vinnie, or to Phil, or to Dave, or to Jon, I expect it'll go to them and to them alone. Who they show it to afterwards is, obviously, beyond my control and outside the scope of cryptography.

I don't dispute the "right" of a business owner to enforce use of CMR on his employees, or to bounce my mail for failing to properly CMR the message I send. I expect those who adopt CMR will find an awful lot of folks will just give up on trying to communicate with those living in a CMR regime. A lot of folks will be using older, non-CMR, versions of PGP for many years to come. (Even if older versions support the additional CMR keys, which I'm sure they could do by adding the CMR key to the appropriate keyring, a lot of folks will just skip the additional complexity...when they want to send a message to someone, they won't want to bother with additional keys, bounced messages, etc.)

Now what Phil, Vinnie, Dave, and Jon will likely do if CMR is enforced within PGP, Inc. is to tell those who want to send them job offers, personal messages, etc. to use back channels, e.g., prz@acm.org, AOL accounts, hotmail accounts, etc.
So much for Corporate Message Recovery.

--Tim May

The Feds have shown their hand: they want a ban on domestic cryptography
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
ComSec 3DES: 408-728-0152   | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^2,976,221   | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."
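The mechanism the thread is arguing about (a user key that carries a company recovery key plus a tag saying "bounce mail that is not also encrypted to it") can be modelled in a few dozen lines. The following is an added toy model written for this page; it is not PGP's code and does not implement OpenPGP. Public-key encryption of the session key is replaced by an HMAC-derived XOR pad per key (a stand-in, not a real key wrap), and the key names, the `gateway` bounce check and the `run_scenarios` helper are all assumptions made for illustration. What it shows is the structure of a CMR-style message: one session key wrapped once per recipient, with the company key as an extra recipient; a gateway that bounces a message from an old client that ignored the tag; and a back-channel key with no recovery key attached, which the company cannot read.

```python
"""Toy model of CMR-style "additional decryption key" enforcement (added example)."""
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from typing import Optional


@dataclass
class Key:
    """Symmetric stand-in for a PGP key pair (hypothetical; not real PGP)."""
    owner: str
    secret: bytes
    adk: Optional["Key"] = None      # company recovery key carried on the user key
    adk_enforced: bool = False       # the tag: bounce mail not also encrypted to adk

    @property
    def key_id(self) -> str:
        return hashlib.sha256(self.secret).hexdigest()[:16]


def _keystream(seed: bytes, length: int) -> bytes:
    """Counter-mode keystream from SHA-256; toy body cipher only."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def wrap_session_key(kek: Key, session_key: bytes) -> bytes:
    """Stand-in for encrypting the session key to one recipient's public key."""
    pad = hmac.new(kek.secret, b"session-key-wrap", hashlib.sha256).digest()
    return _xor(session_key, pad[: len(session_key)])


unwrap_session_key = wrap_session_key  # XOR pad: applying it twice unwraps


def encrypt(plaintext: bytes, recipient: Key, honor_adk: bool = True) -> dict:
    """Build a message: one session key, wrapped once per recipient.

    honor_adk=False models an older client that ignores the recovery-key tag.
    """
    session_key = secrets.token_bytes(32)
    wraps = {recipient.key_id: wrap_session_key(recipient, session_key)}
    if honor_adk and recipient.adk is not None:
        wraps[recipient.adk.key_id] = wrap_session_key(recipient.adk, session_key)
    body = _xor(plaintext, _keystream(session_key, len(plaintext)))
    return {"to": recipient.owner, "wraps": wraps, "body": body}


def gateway(msg: dict, recipient: Key) -> str:
    """Company mail gateway (assumed): bounce if the enforced ADK was skipped."""
    if (recipient.adk_enforced and recipient.adk is not None
            and recipient.adk.key_id not in msg["wraps"]):
        return "bounce"
    return "deliver"


def decrypt(msg: dict, key: Key) -> bytes:
    wrapped = msg["wraps"].get(key.key_id)
    if wrapped is None:
        raise PermissionError(f"{key.owner}: message carries no session key for this key")
    session_key = unwrap_session_key(key, wrapped)
    return _xor(msg["body"], _keystream(session_key, len(msg["body"])))


def run_scenarios() -> dict:
    """Three constructed cases from the thread; returns outcomes for checking."""
    company = Key("company-recovery", b"company-recovery-key")
    jon_work = Key("jon@work", b"jon-work-key", adk=company, adk_enforced=True)
    jon_home = Key("jon@home", b"jon-home-key")          # back channel, no ADK
    note = b"job offer: call me"
    results = {}

    m = encrypt(note, jon_work)                           # new client honors the tag
    results["new_client"] = (gateway(m, jon_work),
                             decrypt(m, jon_work) == note,
                             decrypt(m, company) == note)

    m = encrypt(note, jon_work, honor_adk=False)          # old client ignores it
    results["old_client"] = gateway(m, jon_work)

    m = encrypt(note, jon_home)                           # back channel
    try:
        decrypt(m, company)
        company_reads = True
    except PermissionError:
        company_reads = False
    results["back_channel"] = (gateway(m, jon_home),
                               decrypt(m, jon_home) == note,
                               company_reads)
    return results


if __name__ == "__main__":
    for name, outcome in run_scenarios().items():
        print(name, outcome)
```

The three cases line up with the thread: a tag-honoring client gets delivered and both Jon and the company can read the note; an old client that never wrapped to the recovery key is bounced at the gateway; and a key with no recovery key attached is delivered but leaves the company with nothing to unwrap.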