1997-10-23 - Re: PGP 5.5 CMR/GAK: a possible solution

Header Data

From: mark@unicorn.com
To: jon@pgp.com
Message Hash: dbf20d76457c2054c0e09803c034efb699a08dda730411a05560b0a548e87320
Message ID: <877599242.19194.193.133.230.33@unicorn.com>
Reply To: N/A
UTC Datetime: 1997-10-23 10:26:59 UTC
Raw Date: Thu, 23 Oct 1997 18:26:59 +0800

Raw message

From: mark@unicorn.com
Date: Thu, 23 Oct 1997 18:26:59 +0800
To: jon@pgp.com
Subject: Re: PGP 5.5 CMR/GAK: a possible solution
Message-ID: <877599242.19194.193.133.230.33@unicorn.com>
MIME-Version: 1.0
Content-Type: text/plain



jon@pgp.com wrote:

> This is exactly CMR. The only thing that Business 5.5 does is automatically
> add the department for you, and put up the recipient dialog so it can be
> taken off. Congrats.

On the contrary, it is *not* CMR. CMR encrypts to multiple keys for a single
recipient. This system only ever encrypts to one key per recipient. PGP 5.5's
ability to force people to encrypt to multiple keys for one recipient is the
evil aspect of the design, because it's the one which allows it to be used
to enforce GAK. PGP's CMR can be used to force everyone to encrypt to the
FBI as well as the NSA. My system can't.
 
I tried very hard to make this distinction clear in my description. I'm 
amazed that so many people seemed to miss it.

    Mark






Thread