Kent Crispin <kent@bywater.songbird.com> writes:
Declan writes:
I agree that PGP 5.5 doesn't meet the FBI's demand for realtime access. But it can be used as a waving-around-on-the-House-floor prop to pass a law that requires mandatory key escrow.
They could wave around TIS's products (designed by noted cypherpunk Carl Ellison, I believe), or NorTel's Entrust, just as well. Hell, in a few months they may be able to wave around Adam Backs CDR product, which also facilitates GAK -- access to communications is worse than access to data, by some measure, but the LEA's will certainly be grateful to Adam for his legitimization of Key Escrow...
I think there is a large difference between storage key recovery and message key recovery. Also a difference between message key recovery and including information with the message allowing it to be recovered by fourth parties. Yes, governments would like to come take your disk, but they've got to come and get it first. And when they get there they may find you are not using GAKked keys on your disk encryption. They won't know until they try. With email GAK and recovery info with the email, they can tell from remote snooping if you are cheating. Adam -- Now officially an EAR violation... Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/ print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`