William Geiger wrote:
This is a stereotypical Strawman. "Even if PGP avoids GAK some other 3rd party can modify it to be Gakware." Every version of PGP had the ability to encrypt to multiple recipients. As I stated in my previous posts I can get PGP 2.6.x to do everything 5.5 does with a couple of scripts.
Yes, but as Adam says, the average Mr. Windows can not. In any case, this is not a narrow technical argument. Of course any system with multiple recipients can be turned into GAKware. The point is that we don't want to make it ANY easier for anyone to do so.
No this is not mandatory GAK compliance. Mandatory GAK compliance would be if every copy of PGP came with a government key and the program *forced* the user to encrypt all his messages with it.
Again, as Adam says, how long would it take for a government to introduce legislation making this mandatory once PGP 5.5-type systems took off? Or, more insiduously, using its purchasing power - "Federal agencies will only buy CAK-enabled systems" - to ensure the vast majority of systems did so.
Ok Adam here is a challenge for you:
-- Explain why Corporations do not have the right to access *their* documents in whatever form they may be in.
Can I take this one up ;-) The point is, with *communication* keys, corporations will have full access to the plaintext because it will be decrypted by the recipient as soon as it arrives. I appreciate your point about corporations being able to read *their* documents - although doing so by snooping, without the sender's knowledge, is rather unethical to say the least - but I don't think they have the right to snoop on all *incoming* communications, whoever they may be from. This is the really scary part of PGP 5.5...
explain why there were no great outcries that PGP 2.6.x is GAKware???
...because PGP 2.6.x does not include an SMTP automatic snooping agent. William Simpson wrote:
Let us decide _what_ the goals are, _how_ to solve the problems, and _then_ decide the protocol details and formats to match the solution.
Absolutely. Can we start with Adam and William's proposal that we should have three separate types of key: communication, signature, and storage. This would be very simple to implement; probably the easiest and most backward-compatible way would be to define a new packet type specifying a key's usage.
Why have a communication enforcement filter, when the only usage is supposed to be for recovering archival storage?
Absolutely. I can see the point, and appreciate the difficulties faced by PGP Inc., in most of the CAK features of PGP 5.5. But I just can *not* see how the twisted idea of the SMTP snooper ever came about. Ian.