From: Bill Sommerfeld <sommerfeld@orchard.medford.ma.us>
Date: Wed, 5 Oct 94 09:33:28 PDT
To: Carl Ellison <cme@tis.com>
Subject: Re: Referrences to SKE and GAK
In-Reply-To: <9410051404.AA11905@tis.com>
Message-ID: <199410051616.MAA00815@orchard.medford.ma.us>
MIME-Version: 1.0
Content-Type: text/plain


Carl,

I think the main problem here is that the government seized the
initiative by using "Key Escrow" when they really mean "Government
Access to Keys"; also, the infamous Gore->Cantwell letter refers to
SKE, but clearly means, from context, that they're referring to what
you refer to as KEG.  This makes it difficult to advocate key escrow
of any form without appearing to endorse "escrow" with the government
as the grantee.

Also:

One can divide the use of encryption in computer networks in two
classes:

 - encrypting real-time communications
 - encrypting stored data (files).

Key escrow in the former case is only useful in the presence of
wiretaps, since the encrypted data is ephemeral.

The business/commercial justification for key escrow (having a "spare
key" around) is really only applicable in the second case.

					- Bill