At 12:13 PM 10/31/00 -0500, Tim May wrote:
How about:
-- no key escrow, no split keys, no trusted third parties
I don't see any way around the fact that some companies will want to have key escrow of some form for employees who disappear, e.g., car accident, pickpocket stole the key-carrier, etc. I think companies will want this because of the risks of financial damage to the company. Although its hazardous if done wrong [cf recent PGP problems], is tarnished by the Fedz/Denning/etc, and might have no use in a personal privacy tool (your diary dies with you), isn't it too dogmatic to rule out key escrow for tools intended for use by groups? Are there equivalent methods which don't use escrowed keys, which I am unaware of? Strong crypto means the employee can put an invincible lock on the corporate file cabinet. This might mean that invincible locks are not used in corporations. A corporation might require that any invincible physical locks be used in series, so the corp can get into the files if the first lock stays locked. That doesn't seem wrong to me; and in meatspace two locks in series is obvious and no compromise is made to either lock's design. Maybe no escrow per se, but corp. data is duplicated and each copy is encrypted by a person's bizkey and the corporate shared key for that person. Locks in series. (Now, it may be 'sad' that ZKS has changed its bizmodel to service businesses that need locks in series, but I'm only interested in whether its rational to universally denounce any locks-in-series architectures.)
The "relevant legislation" language is the real kicker.
Though this was elaborated on in a later reply, they really do need to specify what they mean exactly (re Canada & 'consumer privacy') when they say the nasty l-word in their public literature. Any mention of the law in crypto lit turns the stomache, puts the scanners on highest sensitivity.