At 11:42 AM 12/5/97 -0500, you wrote:
"The government's key recovery program is a complete violation of the individual's right to privacy and, in fact, compromises of the system are already taking place. This shows that key escrow is an untenable policy," said Bruce Schneier, one of the world's leading authorities on encryption and author of the book "Applied Cryptography". "SynData is paving the way for other software developers by taking a stand in opposition to the government and companies like Network Associates."
By "companies like Network Associates", do you mean "companies who are members of the Key Recovery Alliance" (http://www.kra.org)? If so, here are the "companies like Network Associates", in that regard: [Note RSA is a Charter Member]
This statement is seriously confusing Key Recovery and Key Escrow. They are NOT the same thing. Everybody knows what Key *Escrow* is and that it sucks. Key Recovery is *very* different in that are no databases kept of private keys. The website you mentioned (http://www.kra.org) contains some very good info on how Key Recovery works. I would like to see the source of Schneier's quote also, because I can't believe he could get the two confused. Wes Griffin wgriffin@glue.umd.edu