1994-07-27 - Re: Gore’s “new and improved” key escrow proposal

Header Data

From: Michael Paul Johnson <mpj@netcom.com>
To: Phil Karn <karn@qualcomm.com>
Message Hash: dc552cbf4c03eb57abdbd8c1f28056585a509cc90a94e519beb6614e8131c48b
Message ID: <Pine.3.89.9407270757.A28527-0100000@netcom3>
Reply To: <199407251802.LAA10432@servo.qualcomm.com>
UTC Datetime: 1994-07-27 14:51:48 UTC
Raw Date: Wed, 27 Jul 94 07:51:48 PDT

Raw message

From: Michael Paul Johnson <mpj@netcom.com>
Date: Wed, 27 Jul 94 07:51:48 PDT
To: Phil Karn <karn@qualcomm.com>
Subject: Re: Gore's "new and improved" key escrow proposal
In-Reply-To: <199407251802.LAA10432@servo.qualcomm.com>
Message-ID: <Pine.3.89.9407270757.A28527-0100000@netcom3>
MIME-Version: 1.0
Content-Type: text/plain




On Mon, 25 Jul 1994, Phil Karn wrote:

> I think we need to distinguish between encrypted *storage* and
> encrypted *communications*.  Voluntary key escrow may make sense for
> encrypted stored business files, but communications is a different
> story. Since there should be nobody out there recording packets, there
> is no need to back up or escrow the keys used to encrypt them.

Good point.  The line between storage and transmission gets kind of 
fuzzy, however, if transmitted messages get stored in encrypted form.  I 
think that if I were designing an encryption system to be used for both 
in my own business, I would probably consider a compartmented escrow 
system for both kinds of messages, with a different escrow public key for 
each department.  That is would be a good balance between two evils:  
unauthorized disclosure of proprietary communications, and loss of 
encrypted data due to loss of a key or loss of an employee.  Naturally, 
this would not be as convenient for law enforcement agents and spies, but 
I suppose that my own escrow data base would still be subject to the same 
subpoena process as the rest of my records, but I would be more likely to 
know when information was being leaked.

                  ___________________________________________________________
 |\  /| |        |                                                           |
 | \/ |o|        | Michael Paul Johnson  Colorado Catacombs BBS 303-772-1062 |
 |    | | /  _   | mpj@csn.org aka mpj@netcom.com m.p.johnson@ieee.org       |
 |    |||/  /_\  | ftp://ftp.csn.net/mpj/README.MPJ          CIS: 71331,2332 |
 |    |||\  (    | ftp://ftp.netcom.com/pub/mpj/README.MPJ  -. --- ----- ....|
 |    ||| \ \_/  |___________________________________________________________|





Thread