On Wed, 1 Nov 2000, Eric Murray wrote:
I beleive it was Eric Hughes who at a Cypherpunks meeting about four years ago, said "the solution isn't key escrow, it's document escrow". Which makes sense- a business doesn't (or shouldn't) allow employees to keep a single copy of an important document on their hard drive. It should be replicated in other known places in case of disaster (drive failure, stolen computer, employee hit by bus, etc). Just because documents are encrypted doesn't mean that this practice is abandoned.
One can envision a system where there's a corporate "document czar" who is regularly given docs from various employees and who then encrypts them in his own key. When and where the docs get decrypted is determined by corporate policies. No key escrow required.
I don't know of any existing system like this, but formal corporate document control isn't my field.
You (and apparently Eric) haven't ever heard of cron and tar? The job you're speaking of is called a 'system administrator'. There job is to archive the contents of the companies machines. Make multiple copies and then escrow at least one of those copies in another physical location. The reality is that if a company gets hit with this sort of problems (ie document loss) then they have a competancy issue of a bigger proportion. ____________________________________________________________________ He is able who thinks he is able. Buddha The Armadillo Group ,::////;::-. James Choate Austin, Tx /:'///// ``::>/|/ ravage@ssz.com www.ssz.com .', |||| `/( e\ 512-451-7087 -====~~mm-'`-```-mm --'- --------------------------------------------------------------------