-----BEGIN PGP SIGNED MESSAGE----- mark@unicorn.com was heard to whisper to several hundred people: =snip=
The effect of this is that if someone wants to send email about an urgent bug and I'm out at lunch, any of my co-workers can read that mail. But if they want to send *me* mail about confidential inter-company negotiations, the co-workers could decrypt the outer layer of the message, but would be blocked by the inner layer encryption to my personal key.
As I see it, this system is simple, solves the problems which PGP claim they need to solve without creating the snooping problems Tim and others have discussed, cannot easily be adapted to GAK ('This message is to be encrypted to the FBI public key. If it is confidential, click here to superencrypt to the recipient's personal key'), and won't require a massive change to the PGP source code.
There are some obvious security issues with having the department key shared amongst the members of the department, but I don't see that they are any worse than PGP's current CMR implementation, which has already discussed the use of department keys; it's certainly better than using plaintext. There are also problems with encrypting confidential mail to multiple recipients, but they're surmountable; an easy solution, if you don't care about traffic analysis, is to only encrypt confidential mail to the personal key rather than superencrypt with the corporate key. In most cases such mail wouldn't be sent to multiple recipients anyway.
This isn't quite as bad as the current setup with pgp5.5. We've set up something almost like this within my department. We have a shared key for the department, and private keys individually. I'm pretty leery of the concept of a shared group key, but for certain types of messages, it is not too terrible a solution. Of course, you have problems when someone leaves the group, as you now have to change the master key for the group. I'd actually prefer to be able to use conventional crypto for when we need to distribute new passwords amongst my group, as it is easier to deal with ftmp (for the group where i work anyway) without the difficulties of having to revoke/reissue the dept key. One thing that I think PGP needs more than anything else, is to make it easy to build lists of keys to encrypt to. Version 4.5 has this feature, which is why I'm using it. I would hope that 5.5 does, and will also let the user create whatever type of keys he wants and use conventional crypto as well. I'm expecting a copy here soon, so will get to play with it then. I can't say I really like version 5.0 much. - ------------------------ Name: amp E-mail: amp@pobox.com Date: 10/22/97 Time: 05:37:49 Visit me at http://www.pobox.com/~amp == -export-a-crypto-system-sig -RSA-3-lines-PERL #!/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj $/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1 lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/) == 'Drug Trafficking Offense' is the root passphrase to the Constitution. Have you seen http://www.public-action.com/SkyWriter/WacoMuseum - ------------------------ -----BEGIN PGP SIGNATURE----- Version: 4.5 Comment: Strong Encryption Is Your Friend iQEVAgUBNE3Z0/pLP0N7vZi7AQGS1QgAnDOauulYt+eCWfKeK1Lsnx/goxVYGIIc FiGb6qySEJRzoohtcWNnwppdNgsaMJBzmgjPad2CX7WjtrOUavybP/W+9hlTRn0T UVUg++CLBvyNwD5bxRdnLFqeUw2tUkIgfGw0Eyef3LQ0M6jwuczYj/YMCvL7RR7e INhZfX2sVGfl6e2/p01M8b+KmjQZ4U5SDD8HcQRC1I4+g8qqnsenzVqwel2tRbmg kjWE5nJwC755Y0I7gqMPWgYMu2FUS/0RVjehDCh9RhuwhUuC3vxUG0oeFMkFwiR1 uJi6KRtQPElVb9wOuN7/jTQodgOfabE0or0b0+G1JNrYYo9MxEvieg== =n7SF -----END PGP SIGNATURE-----