Commercial Key Escrow?

ericm at lne.com
Fri Jan 20 14:10:54 PST 2006


On Fri, Jan 20, 2006 at 04:38:56PM -0500, R. A. Hettinga wrote:
> At 1:26 PM -0800 1/20/06, ericm at lne.com wrote:
> >I'm looking for someone who provides an actual commercial key
> >escrow service, not double encryption with a master key.
> 
> One would think that the effect, being the same, creates a distinction
> without a difference?

In some cases, yes.  But not for this application.

I really am looking for a commercial trusted third party to hold keys.

I've found a bunch of references from ~10 years ago that say
that someday commercial key escrow will be prevalent
but it appears that someday hasn't yet arrived.

My problem is in many ways similar to the problem a CA would face
in ensuring business continuity in a business that depends on
keeping secrets.

What does, say, Verisign do to back up their root CA private keys?
They probably have a bunch of BBN SafeKeypers (or rather the modern
equivalent FIPS-140 hardware).  What if all of them croak at the same time?

Do they keep multiple backups?  What happens if the keys/passphrases
for those backups are lost?

Or secret sharing?  What if N-(K+1) shares are destroyed?  Do they
just quit the CA business then?  There presumably are scenarios
under which that is the only answer, and Verisign has judged their
possibility to be so remote and/or their solution cost so high
that they are not worth defending against.

What would Verisign do if they didn't have security experts to
decide what's an acceptable risk and what isn't, and instead
just wanted to have someone else deal with the problem for them?

Eric





More information about the cypherpunks-legacy mailing list