On Sun, Oct 19, 1997 at 10:25:08AM +0100, Adam Back wrote:
Toto <toto@sk.sympatico.ca> writes:
Kent Crispin wrote:
You keep talking as if your CDR proposal is other than vaporware. So far as I have seen you don't have a proposal, you have a wish.
Given Adam's many accomplishments in the arena of CypherPunks issues, I find it hard to make a case for his discussion in this area to be mere mental masturbation.
Thanks for the vote of confidence Toto.
Also I must raise the point that it is not a lone stand. Other people are arguing against PGP Inc's CMR proposal, and are arguing for more GAK resistant variants, and alternatives.
Apparently for some internal reason you must raise the point, but it is irrelevant. I said your *proposals* were vaporware, not your motivations. It is, as I have said, a waste of time (and yes, mental masturbation) to argue about motivations. [. citations of famous cryptographers and Kent Crispin snipped .]
However the biggest point of all is that: communications keys are more valuable to any attacker (government, unscrupulous little brother, or industrial spy) than storage keys.
I would be interested to see any one willing to burn their reputational capital refuting that simple point.
*Long term* communication keys. Nobody is going to burn reputation capital on that point because it's obvious, and really doesn't need to be argued. Furthermore the point applies just as well to current PGP keys. The *only* additional vulnerabilities of CMR come from 1) the volume of data makes it a more interesting target and 2) the management of the CMR key(s) may be problematic. However, in a large organization the management of *user* keys is problematic, as well, and management of the CMR key(s), on balance, will probably be better. So the additional vulnerability of CMR comes from the fact that it makes a lot of data accessible from one key. This vulnerability could be reduced by having multiple CMR keys -- the accounting dept has one, the CEO has one, and it is the same as his private key that is not escrowed anywhere, etc etc etc. [Is it true that the private key associated with a CMR public key could simply be discarded, rather than escrowed, and everything would still work? -- except that you couldn't recover anything, of course...] A more interesting argument is as follows: what is the real level of security needed for the business communications that will be covered by CMR? It seems obvious that the level of security required, on average, is really quite low. Note that businesses send all kinds of important documents through regular mail, only protected *gasp* by PAPER ENVELOPES. Anyway, Adam, I anxiously await the paper you are working on that gives the real details of your proposals. I'm sure it's readability will be vastly improved if you religiously avoid the use of the word GAK :-) -- Kent Crispin "No reason to get excited", kent@songbird.com the thief he kindly spoke... PGP fingerprint: B1 8B 72 ED 55 21 5E 44 61 F4 58 0F 72 10 65 55 http://songbird.com/kent/pgp_key.html