RE: 40 bit DES [Was:Re: !! Point 'n Crypt]
Walt Armour
If I encrypt a $10 million dollar proposal and then get 86'd in a car accident I would like to go to my grave knowing that the company could get the proposal back. ....
Anyone who stores a $10m proposal on only one machine, without making backups on somebody else's machine, preferably out of the building, is asking for the Clue Fairy to send him disk drive gremlins and software from Bill Gates to scribble on his disk, and his company should probably consider 86ing him before he strikes again :-) Slightly more seriously, there are certainly corporate reasons to store backups of keys for important data, such as backup tapes and communications. GAK-style technology is the wrong level approach for communications - GAK-style access to keys is useless unless you've also backed up the data, so if your corporate officers need the data, give it to them encrypted with their own keys. Similarly, if you want backup access to keys used to encrypt files, back up the keyrings, maybe using a secret-sharer if you want to require multiple people to access the backup, or just have the backups of the files encrypted with the keys for the backup server.
BUT in regards to the general populace, I do not advocate any form of key escrow/recovery.
# Thanks; Bill # Bill Stewart, +1-415-442-2215 stewarts@ix.netcom.com # You can get PGP outside the US at ftp.ox.ac.uk # (If this is posted to cypherpunks, I'm currently lurking from fcpunx, # so please Cc: me on replies. Thanks.)
participants (1)
-
stewarts@ix.netcom.com