On Fri, 24 Oct 1997, Adam Back wrote:
If this is the case, I reckon it's still better to just escrow their comms keys locally. Put them all in the company safe, whatever. To go with this kind of a company with this kind of policy, I would presume that sending or receiving super-encrypted messages would would be a sackable offense.
Adam, How does your system prevent the employer from fabricating forged signatures in a PK system that uses the same key for signing and decrypting? And if you don't use such a system, then how do you deal with future versions of the software that will allow the user to swap DH keys from underneath the ElGamal keys? Thanks, -- Lucky Green <shamrock@cypherpunks.to> PGP encrypted email preferred. "Tonga? Where the hell is Tonga? They have Cypherpunks there?"