what is purpose of CMR?
This is a question which I am unclear on about PGP Inc's design goals in using the CMR method.

Is the CMR field to allow the company to recover from the user forgetting his password? (recover his mail folder full of encrypted email).

or

Is the CMR field to allow the company to read the email in transit

This seems like a fairly important distinction.

Adam

At 12:54 AM 10/18/97 +0100, Adam Back wrote:
> This is a question which I am unclear on about PGP Inc's design goals in using the CMR method.
>
> Is the CMR field to allow the company to recover from the user forgetting his password? (recover his mail folder full of encrypted email).
>
> or
>
> Is the CMR field to allow the company to read the email in transit
>
> This seems like a fairly important distinction.

It's not for surveillance. It's for recovering from disaster.

I think it would be a good thing to send a PGP message over an encrypted link (TLS or other).

Jon

-----
Jon Callas                   jon@pgp.com
Chief Scientist              555 Twin Dolphin Drive
Pretty Good Privacy, Inc.    Suite 570
(415) 596-1960               Redwood Shores, CA 94065
Fingerprints: D1EC 3C51 FCB1 67F8 4345 4A04 7DF9 C2E6 F129 27A9 (DSS)
              665B 797F 37D1 C240 53AC 6D87 3A60 4628 (RSA)

Jon Callas <jon@pgp.com> writes:
> At 12:54 AM 10/18/97 +0100, Adam Back wrote:
> > [what is CMR key for surveillance/ or disaster recovery]
>
> It's not for surveillance. It's for recovering from disaster.

In that case recovery can be much more simply and securely achieved locally to the recipient. Escrow or use locally stored recovery information. The CMR key is not needed for this functionality.

> I think it would be a good thing to send a PGP message over an encrypted link (TLS or other).

This is an independently good idea and would mitigate some of the possibilities of CMR functionality being used for purposes other than its designers intended.

However it is hard to do; and the keys have different security focus because it is hard to use user <-> user end to end TLS because of the store and forward nature of email.

Adam
--
Now officially an EAR violation...
Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/

print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`