1997-10-15 - Re: Just say “No” to key recovery concerns…keep OpenPGP pure
Header Data
From: Rick Smith <smith@securecomputing.com>
To: Tim May <zooko@xs4all.nl
Message Hash: dabb3907dd0d187be90f05954518b6a0237fbf4e2b4aff8a7c665e432e78e23f
Message ID: <v03007802b06aada46459@[172.17.1.150]>
Reply To: <199710141329.OAA02853@server.test.net>
UTC Datetime: 1997-10-15 18:27:48 UTC
Raw Date: Thu, 16 Oct 1997 02:27:48 +0800
Raw message
From: Rick Smith <smith@securecomputing.com>
Date: Thu, 16 Oct 1997 02:27:48 +0800
To: Tim May <zooko@xs4all.nl
Subject: Re: Just say "No" to key recovery concerns...keep OpenPGP pure
In-Reply-To: <199710141329.OAA02853@server.test.net>
Message-ID: <v03007802b06aada46459@[172.17.1.150]>
MIME-Version: 1.0
Content-Type: text/plain
While I think that a variety of robust and successful products will proably
emerge that support various types of key recovery, I strongly agree with
Tim on engineering grounds: Keep It Simple, Stupid.
When it comes to deciding on the contents of a standard, let's keep in mind
that we're working with a relatively new technology. We'll make more
progress by standardizing proven concepts, and these integrated key
recovery hacks don't have the operating history that vanilla PGP has. If
anything, my experience with Guard keying suggests that the proposed
mechansims aren't enough. The problem has more hair than our sheepdog.
I don't think the protocol standard needs to take a political statement
about key recovery mechanisms, but it *must* outline the protocol's
traditional security objectives pretty much the way Tim outlined them. That
sets the context for a robust protocol that has a successful history.
Now I need to shut off my mailer and go pack my suitcase.
Rick.
smith@securecomputing.com Secure Computing Corporation
"Internet Cryptography" now in bookstores http://www.visi.com/crypto/
Thread
Return to October 1997
- Return to “Adam Back <aba@dcs.ex.ac.uk>”
- Return to “alexlh@xs4all.nl”
- Return to “Andrew Bromage <bromage@cs.mu.oz.au>”
- Return to “Bianca <bianca@dev.null>”
- Return to “Lucky Green <shamrock@cypherpunks.to>”
- Return to “lutz@taranis.iks-jena.de (Lutz Donnerhacke)”
- Return to “Rick Smith <smith@securecomputing.com>”
- Return to “Ryan Anderson <randerso@ece.eng.wayne.edu>”
- Return to “Tim May <tcmay@got.net>”
Return to “Zooko Journeyman <zooko@xs4all.nl>”
- 1997-10-14 (Tue, 14 Oct 1997 19:17:16 +0800) - commercial data recovery - Zooko Journeyman <zooko@xs4all.nl>
- 1997-10-14 (Tue, 14 Oct 1997 20:21:43 +0800) - Re: commercial data recovery - alexlh@xs4all.nl
- 1997-10-14 (Tue, 14 Oct 1997 22:53:36 +0800) - Re: commercial data recovery - Adam Back <aba@dcs.ex.ac.uk>
- 1997-10-15 (Thu, 16 Oct 1997 02:27:48 +0800) - Re: Just say “No” to key recovery concerns…keep OpenPGP pure - Rick Smith <smith@securecomputing.com>
- 1997-10-14 (Wed, 15 Oct 1997 06:59:56 +0800) - Just say “No” to key recovery concerns…keep OpenPGP pure - Tim May <tcmay@got.net>
- 1997-10-15 (Wed, 15 Oct 1997 08:13:13 +0800) - Re: Just say “No” to key recovery concerns…keep OpenPGP pure - Lucky Green <shamrock@cypherpunks.to>
- 1997-10-15 (Wed, 15 Oct 1997 09:57:43 +0800) - Re: Just say “No” to key recovery concerns…keep OpenPGP pure - Adam Back <aba@dcs.ex.ac.uk>
- 1997-10-15 (Wed, 15 Oct 1997 12:17:09 +0800) - Re: Just say “No” to key recovery concerns…keep OpenPGP pure - Lucky Green <shamrock@cypherpunks.to>
- 1997-10-15 (Wed, 15 Oct 1997 15:06:43 +0800) - Re: Just say “No” to key recovery concerns…keep OpenPGP pure - Adam Back <aba@dcs.ex.ac.uk>
- 1997-10-15 (Wed, 15 Oct 1997 16:12:21 +0800) - Just say “Huh?” to key recovery concerns…keep OpenPGP pure - Bianca <bianca@dev.null>
- 1997-10-15 (Wed, 15 Oct 1997 13:13:00 +0800) - Re: Just say “No” to key recovery concerns…keep OpenPGP pure - Tim May <tcmay@got.net>
- 1997-10-15 (Wed, 15 Oct 1997 15:07:23 +0800) - Re: Just say “No” to key recovery concerns…keep OpenPGP pure - Adam Back <aba@dcs.ex.ac.uk>
- 1997-10-15 (Wed, 15 Oct 1997 12:17:09 +0800) - Re: Just say “No” to key recovery concerns…keep OpenPGP pure - Lucky Green <shamrock@cypherpunks.to>
- 1997-10-15 (Wed, 15 Oct 1997 09:57:43 +0800) - Re: Just say “No” to key recovery concerns…keep OpenPGP pure - Adam Back <aba@dcs.ex.ac.uk>
- 1997-10-15 (Wed, 15 Oct 1997 08:20:24 +0800) - Re: Just say “No” to key recovery concerns…keep OpenPGP pure - Tim May <tcmay@got.net>
- 1997-10-15 (Wed, 15 Oct 1997 11:56:01 +0800) - Re: Just say “No” to key recovery concerns…keep OpenPGP pure - Lucky Green <shamrock@cypherpunks.to>
- 1997-10-15 (Wed, 15 Oct 1997 15:06:41 +0800) - Re: Just say “No” to key recovery concerns…keep OpenPGP pure - Adam Back <aba@dcs.ex.ac.uk>
- 1997-10-15 (Wed, 15 Oct 1997 11:56:01 +0800) - Re: Just say “No” to key recovery concerns…keep OpenPGP pure - Lucky Green <shamrock@cypherpunks.to>
- 1997-10-15 (Wed, 15 Oct 1997 10:43:08 +0800) - Re: Just say “No” to key recovery concerns…keep OpenPGP pure - Ryan Anderson <randerso@ece.eng.wayne.edu>
- 1997-10-15 (Thu, 16 Oct 1997 02:58:20 +0800) - Re: Just say “No” to key recovery concerns…keep OpenPGP pure - Tim May <tcmay@got.net>
- 1997-10-20 (Mon, 20 Oct 1997 22:18:41 +0800) - Re: Just say “No” to key recovery concerns…keep OpenPGP pure - lutz@taranis.iks-jena.de (Lutz Donnerhacke)
- 1997-10-15 (Wed, 15 Oct 1997 08:13:13 +0800) - Re: Just say “No” to key recovery concerns…keep OpenPGP pure - Lucky Green <shamrock@cypherpunks.to>
- 1997-10-15 (Wed, 15 Oct 1997 08:09:04 +0800) - Re: commercial data recovery - Andrew Bromage <bromage@cs.mu.oz.au>