On Tue, 31 Oct 2000, Tim May wrote:
And this process may not happen with just subpoenas. It will likely happen with national security agencies. Without Alice knowing.
This is what happens when Alice or any other customer of your product uses "trusted third parties." GAK beats crack any day.
This is the danger of building a "trusted third parties" system. And is precisely the reason the United Kingdom was campaigning for this kind of system.
By building precisely the tools they and other governments would need to implement such a system, you are making such a system more likely to happen.
'scuse me, but this gets a big raspberry. The tools governments would need to implement such a system are already out there, in droves and gobs. What ZKS does or does not contribute to that brew has little to do with whether broken security gets rammed down everyone's throats or not. Asking for crypto systems that cannot be used in such plans is a lot like asking for bricks that cannot be used to build unsound structures. Somebody might be able to develop such a brick: but it wouldn't be a general, flexible component, and there'd be so many *sound* structures you couldn't build with it, or had to expend a lot of head-sweat figuring out *how* to build with it, that all the construction workers would hate it and ignore it to death. I think that crypto tools ought to support whatever the hell crypto operations the people using them want. Including third party access to keys and the use of monoalphabetic substitution ciphers to encrypt correspondence if they're stupid enough to want that. There is no foolproof system, and attempting to make foolproof systems only limits the uses to which they can be put by non-fools. Alice cannot give her private info to Bob and then expect Bob not to know it in some other situation; it has passed out of her control and any policy or tool Bob has in place to "maintain privacy" is equally out of Alice's control. If Bob is trustworthy, there is no need for crypto at all because Bob will religiously *not* look at those records for any unauthorized purposes. If Bob is untrustworthy, Bob will claim to be using crypto whether or not Bob is actually using it, and claim to have a privacy policy that he follows whether or not he actually does. Either way, there is no reliable protection for Alice the consumer once she has passed her personal info in the clear to Bob. Bear