Re: PGP Employee on MKR
whgiii@invweb.net wrote:
There is a simple solution to that don't work for one if you don't like their policies.
I agree; that's why I don't. But I see an inconsistency here. PGP keep telling us that CMR isn't so bad because you can work around it, or superencrypt, or otherwise avoid the company's right to snoop on all communications. Yet you, who believe in this right, support CMR, which can be used to defeat that right, over simple escrow of employee's corporate communication keys. Why? Again, I'm not saying that the companies have no such right. Personally I'd rather escrow my corporate key than see widespread CMR in its current form. Mark
-----BEGIN PGP SIGNED MESSAGE----- In <877714803.13910.193.133.230.33@unicorn.com>, on 10/24/97 at 10:40 AM, mark@unicorn.com said:
whgiii@invweb.net wrote:
There is a simple solution to that don't work for one if you don't like their policies.
I agree; that's why I don't. But I see an inconsistency here. PGP keep telling us that CMR isn't so bad because you can work around it, or superencrypt, or otherwise avoid the company's right to snoop on all communications. Yet you, who believe in this right, support CMR, which can be used to defeat that right, over simple escrow of employee's corporate communication keys. Why?
Again, I'm not saying that the companies have no such right. Personally I'd rather escrow my corporate key than see widespread CMR in its current form.
Well I don't see an inconsistance. :) 1st: Any security system can be circumvented. CMR can be circumvented, Key Escrow can be circumvented, GAK can be circumvented ... 2nd: Just because I assert that one has a right to do something doesn't mean that I *like* it. You can scratch you ass and pick your nose while walking down the street, I don't like it but I am not going to stop you from doing it. I am sure that the Jews in the ACLU who defended the Nazi's right to march in Skokie, IL didn't like what they had to say but were willing to defend their right to say it. 3rd: I never said I liked CMR or that I thought it was the best solution. What I do believe it was the best solution available at the time. They were able to provide a "solution" for their customers in a timely fashion with little modification to their exisisting codebase. This was a migration path for their customers from Viacrypt 4.0. One of the thing they needed to get some customers away from was key escrow. Remember now Viacrypt is RSA, signing & decryption are the same key. Escrowing these keys is a BadThing(TM). Sure eventually they will migrate to the DSS/DH keys but as I am sure you are aware chage is a slow thing in a corporate enviroment. 4th: I most definatly do not believe that CMR=GAK or is anywhere close to it. The sky is not falling chicken little, it's only rain :) - -- - --------------------------------------------------------------- William H. Geiger III http://www.amaranth.com/~whgiii Geiger Consulting Cooking With Warp 4.0 Author of E-Secure - PGP Front End for MR/2 Ice PGP & MR/2 the only way for secure e-mail. OS/2 PGP 2.6.3a at: http://www.amaranth.com/~whgiii/pgpmr2.html - --------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: 2.6.3a Charset: cp850 Comment: Registered_User_E-Secure_v1.1b1_ES000000 iQCVAwUBNFEWyI9Co1n+aLhhAQE9MgP/dbk/ZgPNsIux+dlOBZ6b5ZNyhuZSuDT+ ZCjRDKPFRopZiRr5ERlt9cv+CAqFmE9w/h/hvbBCOUlPb7eXD2HskpveqcKwpwTh Cfjd/iWaUAzHZjryW5/yOPLxZeXojEvXGg1XlCjaKr51DvBJdITTJRtqwWvNRCd2 BL3O85bCS90= =4fkg -----END PGP SIGNATURE-----
participants (2)
-
markļ¼ unicorn.com -
William H. Geiger III