1994-07-22 - Re: “Key Escrow” — the very idea

Header Data

From: Carl Ellison <cme@tis.com>
To: Mike_Spreitzer.PARC@xerox.com
Message Hash: 05e3109a9bbfd1a95a7423e6b18b7a9f4686254cafe9ae73ff36e573ea580a50
Message ID: <9407221303.AA00981@tis.com>
Reply To: <94Jul21.164935pdt.14430(3)@alpha.xerox.com>
UTC Datetime: 1994-07-22 13:04:19 UTC
Raw Date: Fri, 22 Jul 94 06:04:19 PDT

Raw message

From: Carl Ellison <cme@tis.com>
Date: Fri, 22 Jul 94 06:04:19 PDT
To: Mike_Spreitzer.PARC@xerox.com
Subject: Re: "Key Escrow" --- the very idea
In-Reply-To: <94Jul21.164935pdt.14430(3)@alpha.xerox.com>
Message-ID: <9407221303.AA00981@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


if you really want to propose an escrow system we can live with,
I would demand that it include:

1.	unambiguous ID of the person being tapped in the LEAF-equivalent
2.	multiple escrow agencies, at least one of which is the NSA HQ
	(for its superior physical security)
3.	watchdogs as escrow agents (e.g., ACLU, Rep & Dem parties, CPSR,
	EFF, NYTimes, ...) with authorization to look for abuses of
	authority and to refuse to release keys in such cases and to
	publicize such cases as well as bringing them to the attention
	of law enforcement for prosecution.
4.	user-generated escrow keys, to reduce the chance of anyone having a
	backdoor way to get the whole escrow key database.





Thread