James Donald <jamesd@echeque.com> writes:
At 02:27 PM 10/7/97 -0700, Jon Callas wrote: [Explaining PGP's rather alarming "data recovery" features.]
Sending a copy to the boss of everything Alice sends is OK.
If Alice wants to send something her boss should not read, perhaps she should use her private account, rather than a company paid account.
Sending a copy of everything Alice receives to the boss or HR is not OK.
Alice should get to control it.
I'm not sure I see why you draw this distinction. Is it because the person sending may intend the message for Alice only? If so I think Jon said that all current versions of PGP warn the user that their is a company escrow situation when you send to the key (this information being in attributes of the key). Snooping Alice's outgoing traffic, and snooping Alice's incoming traffic are similarly little brotherish in my view. If the company has an approval system for official statements (seems reasonable, if it's a press release, important contractual decision, etc), then Alice can send a copy to the legal beagles for the ok, and they can send it on.
It would be acceptable for the company system to keep track of what Alice has received, and flag "Alice received something, and has not yet filed the cleartext copy with us"
I figure this is fair game also... clearly they can see the traffic coming into LAN and being delivered to Alice's mailbox.
It is not acceptable to just plain snoop on what Alice receives.
I don't like it either. But how is this so different from snooping on what Alice sends.
Furthermore any auto-snoop feature sets a very dangerous precedent.
Agree.
It is politically a lot more difficult for the FBI to mandate that they can recover your data, if such a mandate leads to the message flashing up, "now sending a copy to the FBI" every time you decrypt something.
I was arguing earlier that the way for the company to do archiving of received encrypted email was for archive copy to be taken after the employee has decrypted it. The employee should be made aware that the received email is being archived. Adam -- Now officially an EAR violation... Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/ print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`