On 25 Oct 97 at 11:03, Lucky Green wrote:
At 03:25 PM 10/24/97 +0100, Adam Back wrote:
If the pgp5.5 functionality is designed to provide companies with a disaster recovery procedure (forgotten passphrase, or dead employee), there are much better ways to do it. We're not arguing against the user requirement, just against the methodology.
There have been numerous proposals on the list to accomplish the above goals in a way other than the method employed by PGP. I have read the proposals and I am not convinced that said proposals are less intrusive. IMO the vast majority of the proposals I saw are more intrusive.
How about *no* recovery, eh? Is that not less intrusive? Recovery of messages in transit is a complete red herring. Such messages are not recoverable now except by means that are complete no-brainers ("Joe, I never got your reply to my request for blah-blah, did you send it? If so, please resend.") Isn't the mere fact that such messages might be encrypted both incidental and inconsequential? Add to that the *fact* that Internet email is nowhere as unreliable as so many seem to suggest. The only losses of email that I've ever seen were attributable to user error or ISP outage, not to failure of delivery attributable to the network. I've maintained threads of back and forth email exceeding 600 message cycles without the thread being broken by failure of a message to arrive at its intended destination. Recovery of messages in transit is entirely a snooping issue, methinks. Recovery of stored messages and files also seems to me to be a solution to a largely imaginary problem. As I wrote before, there are more ways and more likely ways to lose data than through keeping encrypted files. People live with it. If they wish to address it, either individually or institutionally, they can do so without special features in PGP. A feature in mail clients to store the decrypted message in place of the original would do more to avoid loss of stored encrypted messages than anything else I've seen proposed. This reminds me a lot of the objections of a few to sending EDI traffic over the Internet. When I proposed this in recent years I got a wail from some people over the loss of third-party time stamping and message delivery verification that can occur in the simpler scenarios of bypassing the cash-cow Value Added Networks. But, um, didn't everyone print those documents on *paper* and drop them into USPS *mail boxes* just a few short years ago? What reliable third party time stamping and message delivery verification did they have then? Am I mistaken or didn't the entire economy function on the basis of snail-mailed invoices and other documents? How on earth did people manage under those primitive circumstances? How on earth can people manage email and disk files without the ability to "recover" data that can be lost in a thousand other ways that no encryption package can protect against. Geez. Let's get real here. Regards, Thomas Junker tjunker@phoenix.net