At 4:48 PM -0700 10/14/97, Lucky Green wrote:
On Tue, 14 Oct 1997, Tim May wrote:
(Disaster planning, for "what if Alice gets hit by a truck?" scenarios, are of course handled by having Alice lock up her private keys in her safe, or perhaps her department manager's safe, whatever. This is a dangerous security flaw, if the key is released, but has the advantage that it's a fairly conventional recovery approach, and is not built into the cryptosystem itself.
Tim, The system above you are proposing is [C,G]AK, plain and simple. This is what some companies are doing already. And it is a Bad Thing.
Maybe it's a bad thing, maybe it's not. But at least it isn't built into the cryptosystem itself. (As noted, building it into the infrastructure is very dangerous.) (Personally, I keep a diskette containing a copy of my secret keys, and a "hint message to myself" reminding me of my passphrases, in a Safe Place (tm). If I had a lawyer, I might seal an envelope with such a diskette in it and ask him to hold it for me. And if I had a company, I might insist that employees using crypto as part of their everyday jobs make similar arrangements. Such has it always been with crypto, right?) Building the options into a cryptosystem make it entirely too easy to government to mandate GMR (Government Message Recovery).
[Sidetrack: which is of course why PGP had to find another solution to present to those customers already using GAK. IMHO, and I can't help but be a bit surprised that I find myself in the minority on this issue, at least as far as the list is concerned. What PGP did was _elegant_.]
No, PGP Inc. did not "have" to do anything. Any more than Schlage Locks has to develop a strategy for dealing with customers who leave spare keys under rocks, or with their neighbors, etc. Or that telephone switch companies have to develop a strategy for delivering phone surveillance products, even though some companies make it a practice to monitor or snoop on employee calls. You are a minority for the reasons Phil Zimmermann, Bruce Schneier, Peter Trei, and many other people have expressed: what the New PGP Inc. is doing is not in keeping with the personal privacy goals formerly espoused. And as Schneier noted yesterday, the support by PGP for "message recovery" is already being used by Congress as an arguing point that it is indeed practical and should be made mandatory. Snooware is snoopware. PGP should stay out of this can of worms. (I can't resist another possible parallel. It's a fact that some companies use video surveillance, and microphones, to monitor employees. For drug use, for theft of produced goods, etc. And this is usually legal, except in some circumstances (restrooms, break rooms, and so forth). So, suppose a CRT maker decided to "meet this need" for employee surveillance by building a small video camera into each of its "Monitors for Monitors" line of CRTs? Would you still say that this is _elegant_? Me, I'd harshly criticize the company making the monitors, not because it is illegal, but because building in a surveillance state infrastructure is very dangerous and even immoral.) --Tim May The Feds have shown their hand: they want a ban on domestic cryptography ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, ComSec 3DES: 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^2,976,221 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."