CMR/ARR revisited

Adam Back aba at dcs.ex.ac.uk
Mon Nov 3 16:11:50 PST 1997




Jon Callas suggests that CMR has been discussed vigorously.  What was
the outcome?

Here's a short summary of a more secure and less politically
controversial alternative to CMR:

1. Escrow employee company use encryption keys.
2. Don't escrow employee personal use encryption keys.
3. Don't escrow employee company use signature keys.

As pgp5 packet format already supports multiple encryption sub keys
attached to signature keys, all that has to be done to support the
above is to put comments in the userID to say what purpose the keys
are for:

Jon Callas <jon at pgp.com> (personal use)
Jon Callas <jon at pgp.com> (company use)

Provide support in the business verion of the software to escrow the
company use key.  Provide support for both company use and personal
use keys.  If some companies want to disallow personal use, you might
consider adding this feature.


The above is already provided for without CMR/ARR.

CMR/ARR fields add political and security risks, so why bother?


So what is PGP Inc's position on the future of CMR?

Is it going to be phased out?

Is it going in the OpenPGP standard?

Are there any security, privacy or political objections to local
escrow?

Enciphering minds want to know...

Adam







More information about the cypherpunks-legacy mailing list