what is purpose of CMR?
Adam Back
aba at dcs.ex.ac.uk
Sat Oct 18 02:49:24 PDT 1997
Jon Callas <jon at pgp.com> writes:
> At 12:54 AM 10/18/97 +0100, Adam Back wrote:
>
> > [what is CMR key for surveillance/ or disaster recovery]
>
> It's not for surveillance. It's for recovering from disaster.
In that case recovery can be much more simply and securely achieved
locally to the recipient. Escrow or use locally stored recovery
information. The CMR key is not needed for this functionality.
> I think it would be a good thing to send a PGP message over an
> encrypted link (TLS or other).
This is an independently good idea and would mitigate some of the
possibilites of CMR functionality being used for purposes other than
it's designers intended.
However it is hard to do; and the keys have different security focus
becuase it is hard to use user <-> user end to end TLS because of the
store and forward nature of email.
Adam
--
Now officially an EAR violation...
Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`
More information about the cypherpunks-legacy
mailing list