At 18:46 2/20/96, IPG Sales wrote:
Hedging, hedging, hedging - why? I did not noitice this in my first reply - in addition to giving you the company if you can break the system, we will give you the company if you can establish, through our employees or any other method, that we retain any Ocopies of the TPs, any! - for very large systems, we maintain a temporary copy to insure safe arrival, by excuting the check system menu item - it is immediate destroyed upon system notification. Anyone that wants to audit us cazn do so, unannounced at any time - subject to payment ofd expenses! We do not keep copies, we would not be in business 30 days if we did.
It is irrelevant if you keep copies of the OTPs or not. The point is that you might. There is no way to prove to me or anyone else that you don't keep copies. [why this is true is left as an exercise to the reader]. I would not trust anyone outside my company to create keys for us. I would urge any others interested in keeping their data inaccessible to outsiders to exercise the same fundamental caution. There is no further need to look at IPG's source code or algorithms. As I said, end of story. -- Lucky Green <mailto:shamrock@netcom.com> PGP encrypted mail preferred.