Phill <hallam@w3.org> wrote,
One solution to this problem would be to modify PGP so that the session key for the document was released rather than the passphrase for the public key. The former would provide only read access, the latter would allow th scientologists to forge Wollerstein's signature on other material. In addition many of the documents may be subject to privillege.
It seems to me that if this kind of risk was seen ahead of time that a method doing the equivalent using ordinary PGP commands could be agreed upon by all involved. The document could be encrypted using "PGP conventional encryption" and the pass phrase for that could then encrypted using the public key. The encrypted document would thus consist of these two parts. The breaking of the traditional decryption into it's two parts would not be needed--superficial use of PGP would work. The owner of the public key--who is in possession of the document encrypted as suggested--when threated by an attacker--who is also in possession of the document--with an unbearably high cost for not giving up his secret key can offer to give up the the password for the "PGP conventional encryption". This method does not define how the password is obtained and that might be a weakness. I confess I'm new to PGP (and this subject in general) and am ignoring the suggestion in Tim May's FAQ that newbies try not to look clueless. Dar Scott =========================================================== Dar Scott Home phone: +1 505 299 9497 Dar Scott Consulting Voice: +1 505 299 5790 8637 Horacio Place NE Email: darscott@aol.com Albuquerque, NM 87111 dsc@swcp.com Fax: +1 505 898 6525 http://www.swcp.com/~correspo/DSC/DarScott.html ===========================================================