Kent Crispin wrote:
Perhaps he has no business having a personal key on a company machine. He's a fool if he does, anyway -- if the company wanted to snoop his key they just go in after hours, install a keyboard sniffer, and grab his passphrase...the bottom line is, Ray, that if it is on a corporate machine, the corporation has access, whether the employee thinks so or not.
this entirely depends on the specific protocol followed by the corporation and the employee. its not unethical for the corporation to have access to the employee's _work_ key and data encrypted with the key if they mutually decide it that way. The employee can always use a different crypto system for his personal data. and its not unethical for a firm to sell a key-escrow product. enforcing the use of key escrow is. vipul -- Powell lingered. "How's Earth?" It was a conventional enough question and Muller gave the conventional answer, "Still spinning." -- "Reason", Asimov. ================================================================== Vipul Ved Prakash | - Electronic Security & Crypto vipul@best.com | - Web Objects 91 11 2233328 | - PERL Development 198 Madhuban IP Extension | - Linux & Open Systems Delhi, INDIA 110 092 | - Networked Virtual Spaces