Message-Id: <199311231010.AA02853@mitsou.inria.fr> To: Steve Kent <kent@bbn.com> Cc: pem-dev@TIS.COM Subject: Re: desire to use multiple keys, at least in RIPEM In-Reply-To: Your message of "Mon, 22 Nov 1993 17:09:30 EST." <9311222207.AA26212@relay.tis.com> Date: Tue, 23 Nov 1993 11:10:11 +0100 From: Christian Huitema <Christian.Huitema@sophia.inria.fr>
Steve,
The "use two key" version may also be a result of strict cryptographic requirement. The services-that-be may well end up only allowing us to use relatively short RSA keys for session-key encryption purposes. E.g. if I want to send an encrypted message in France to you, I should pick one of your keys wich is short enough (say, 256 bits) and use that to pass the session key. I can still sign with my 1024 bits RSA key -- signature is not a problem. Our local variation of key escrow, I suppose...
Christian Huitema
From cme Tue Nov 23 22:53:11 1993 To: Christian.Huitema@sophia.inria.fr Subject: Re: desire to use multiple keys, at least in RIPEM Cc: kent@bbn.com
No need.
I hate to offer aid and comfort to the spies -- but if your gov't had such a dumb rule, it could have its own 1024-bit RSA key and you could include it as a cc: on all messages.
Oops. I just realized that your gov't *does* have such a dumb rule.
...time for another Bastile Day?
- Carl
:-|