not escrowing signature keys (Re: PGP, Inc.--What were they thinking?)
Lucky Green
shamrock at cypherpunks.to
Mon Oct 27 03:41:49 PST 1997
On Mon, 27 Oct 1997, Adam Back wrote:
>
> Lucky Green <shamrock at cypherpunks.to> writes:
> > On Fri, 24 Oct 1997, Adam Back wrote:
> > And if you don't use such a system, then how do you deal with future
> > versions of the software that will allow the user to swap DH keys
> > from underneath the ElGamal keys?
[Stupid typo my part. This was supposed to be "swap ElGamal keys from
under the DSA keys."]
> Interesting question even if you are using separate signature keys.
> You've got a new signature key. You want to bind your recovered EG
> keys to it. So I guess you just strip the self-certificates from the
> EG keys, and add new ones made by the new signature key. You can
> still decrypt messages, and even pgp5.0 would be able to cope with
> that (it'll try to fetch keys to check the certification on the
> signature key).
>
> Adam
> --
> Now officially an EAR violation...
> Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/
>
> print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`
>
-- Lucky Green <shamrock at cypherpunks.to> PGP encrypted email preferred.
"Tonga? Where the hell is Tonga? They have Cypherpunks there?"
More information about the cypherpunks-legacy
mailing list