TimM > (I fear laws telling corporations they *can't* snoop as much as
TimM > I fear Clipper. The reasons are obvious, to me at least, and I
TimM > can expand on this point if anyone's really interested.)

MarkC > The implications in the field of industrial espionage leap quickly
MarkC > to mind.

MarkC > Beyond that, unrestrained encryption is dangerous to
MarkC > corporations, because what's to stop a ticked off employee from
MarkC > encrypting everything in the office as revenge for some imagined
MarkC > slight?

Mark Carter makes the same erroneous simplification many people do
when talking about point security. I see it most often on the
Firewalls list. There, the standard answer to "Should I prevent ftp
connections so employees can't send our proprietary plans off-site?"
appears to be "Do you search your employees at the exit for floppies
and magnetic tapes?"

Security is a web, the strength of which is only as high as the
biggest gap between threads. Encryption being available to employees
can make industrial espionage easier only if it opens a new channel
(or clears an insecure channel) for bad apple employees or contractors
to get their stolen memos off site. An encrypted channel is just a
channel, and probably not worth it for the spy (unless higher
bandwidth per incident channels like DAT or 8mm tapes risk exposure).

Mark's rhetorical question about ticked off employees encrypting
everything in sight for revenge shows the same problem. If an
employee can encrypt the files and lose the key, the employee can
instead just delete them or fill them with garbage. It is indeed a
security risk, but the sabotage can more easily be performed without
strong encryption.

However, strong encryption in the workplace can indeed be used to
cause difficulties. I'm more worried about situations where a
corporate officer or the like leaves the firm, and "forgets" to let
her successor know the pass phrase for the key used to encrypt the
payroll records. Or, the executive secretary to the Treasurer could
be fired because he was caught trying to embezzle e-cash, and
subsequently refuse to release the key used to encrypt official
financial transactions.

In such situations, a smart company will have used a secret-sharing
scheme to split the key, and will have escrowed it with their outside
counsel and/or a couple of escrow services.

What other problems can we come up with?

Richard