At 10:15 AM -0700 10/16/97, Anonymous wrote: ...
- An encrypted message is sent as before, but this time the message is encrypted to the corporate key. ... In the third scenario, where you encrypt to the corporate key, there is no expectation of privacy. All parties, the sender, the receiver, and the company, know that the data is being made available to the business. There is not much privacy here; what you have is business security. This mode would be used for business documents and business communications.
However, this scenario may well represent a _step downward_ in real world security for business users. Whereas today their messages, encrypted or not, are not readily available to spies within a company (save for sendmail logs, a serious liability, I fully agree), implementation of the third scenario would potentially pool all messages in a single very tempting target for snooping. As I have noted, there are times when the CEO or other senior officer of a company wants to communicate _truly securely_ with others inside or outside his company. It is not acceptable to these companies to have a Corporate Crypto Compliance Policeman (CCCP) able to peruse these messages. Nor is it a very good idea to have an archive of pooled messages subject to "discovery" in a lawsuit, FTC or SEC action, etc. There is a real risk that PGP for Business with its archiving functions will decrease "plausible deniability." A solution is to have "override modes" on the CMR features, presumably based on level within a company, permission, etc. Another solution, which I presume PGP for Business could support, is to have a series of levels, or even distributed pools. In other words, _many_ corporate keys. (It would be impractical, obviously, for large companies with tens of thousands of employees to all be feeding their dozens or hundreds of messages a day into a single corporate key in box.) The bottom line is that, while many companies may be clamoring for message recovery, they may end up not liking the new risks imposed. (And, should PGP's adoption of CMR hasten the onset of mandatory GMR or GAK, as it may well be doing already, they may truly hate the whole thing.) --Tim May The Feds have shown their hand: they want a ban on domestic cryptography ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, ComSec 3DES: 408-728-0152 | anonymous networks, digital pseudonyms, zero W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^2,976,221 | black markets, collapse of governments. "National borders aren't even speed bumps on the information superhighway."