At 2:45 PM -0700 10/15/97, Anonymous wrote:
Tim May <tcmay@got.net> writes:
This also applies to CMR as well. Whatever the perceived business reasons for CMR, the fact is that it introduces additional failure points. No longer will Alice and Bob be secure that at least there are no "other readers" in the channel between them (what they do with the plaintext after decryption is of course solvable by no technology).
I thought that was the whole point of the PGP design. It makes the presence of third parties clear and visible to all participants. This seems to be the fundamental principle. PGP is designed to allow Alice and Bob to be informed if third party access is built in. Key escrow and re-encryption are inherently less visible forms of message access.
My explicit point was about what happens to plaintext _after_ it has been received. Not an exceptionable point, it seems to me. CMR doesn't tell anybody anything about who later sees the plaintext (it can't, which was my point). And CMR of course does not actually stop the practice of requiring employees to physically "escrow" keys. I would expect that most companies now requiring employees to deposit copies of their keys may well continue to do so. (And I'll bet the CMR keys are _also_ required to be escrowed...the CMR keys are too valuable not to be copied multiple times.) Finally, I stand by my point that it introduces security weaknesses in the model. --Tim May The Feds have shown their hand: they want a ban on domestic cryptography ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, ComSec 3DES: 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^2,976,221 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."