From: Carl Ellison <cme@sw.stratus.com>
Date: Tue, 23 Nov 93 19:58:04 PST
To: cypherpunks@toad.com
Subject: an exchange on the pem-dev list
Message-ID: <199311240357.WAA08298@ellisun.sw.stratus.com>
MIME-Version: 1.0
Content-Type: text/plain


>Message-Id: <199311231010.AA02853@mitsou.inria.fr>
>To: Steve Kent <kent@bbn.com>
>Cc: pem-dev@TIS.COM
>Subject: Re: desire to use multiple keys, at least in RIPEM 
>In-Reply-To: Your message of "Mon, 22 Nov 1993 17:09:30 EST."
>             <9311222207.AA26212@relay.tis.com> 
>Date: Tue, 23 Nov 1993 11:10:11 +0100
>From: Christian Huitema <Christian.Huitema@sophia.inria.fr>
>
>Steve,
>
>The "use two key" version may also be a result of strict cryptographic
>requirement. The services-that-be may well end up only allowing us to use
>relatively short RSA keys for session-key encryption purposes. E.g. if I want
>to send an encrypted message in France to you, I should pick one of your keys
>wich is short enough (say, 256 bits) and use that to pass the session key. I
>can still sign with my 1024 bits RSA key -- signature is not a problem. Our
>local variation of key escrow, I suppose...
>
>Christian Huitema
>


>From cme Tue Nov 23 22:53:11 1993
>To: Christian.Huitema@sophia.inria.fr
>Subject: Re: desire to use multiple keys, at least in RIPEM
>Cc: kent@bbn.com
>
>No need.
>
>I hate to offer aid and comfort to the spies -- but if your gov't had such
>a dumb rule, it could have its own 1024-bit RSA key and you could include it as
>a cc: on all messages.
>
>Oops.  I just realized that your gov't *does* have such a dumb rule.
>
>...time for another Bastile Day?
>
> - Carl
>
>:-|