1995-08-19 - Re: Exportable if Escrowed

Header Data

From: Bill Stewart <stewarts@ix.netcom.com>
To: cypherpunks@toad.com
Message Hash: 490e980d0b509df8a6ee19b82763e1243e55835bdeda45849e28cba1752559a0
Message ID: <199508190800.BAA26798@ix9.ix.netcom.com>
Reply To: N/A
UTC Datetime: 1995-08-19 08:02:33 UTC
Raw Date: Sat, 19 Aug 95 01:02:33 PDT

Raw message

From: Bill Stewart <stewarts@ix.netcom.com>
Date: Sat, 19 Aug 95 01:02:33 PDT
To: cypherpunks@toad.com
Subject: Re: Exportable if Escrowed
Message-ID: <199508190800.BAA26798@ix9.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


PGP inherently provides master-key service, which can be used for escrow.
On a normal PGP message, there's a session key which the sender knows,
and a copy of the session key is provided to the recipient, who can open
it on the condition that he has the genuine private key.  That's fairly
close to _real_ escrow - it's certainly closer than Clipper's Master-Key stuff.
(And it has a lot more masters :-)

If PGP message-senders want to do so, they can use multiple recipients
on a given message, so the key is accessible to a third party trusted by
the sender (the legitimate recipient already can give it to trusted parties.)
(Typically a sender might use encrypt-to-self to retain the key for later use.)

An amusing feature to add to PGP (using the 3.0 toolkits when available)
would be a session-key-splitting feature, which uses Shamir M/N sharing or
a simple two-way split and encrypts the splits with different people's
public keys,
so that you could give them to semi-trusted parties.

Of course, the Clintonites' proposal of "Well let you use slightly less wimpy
encryption in return for GAK" is really offensive - if they've got GAK,
it doesn't matter if they keys are 64000 bits long, since they'll have them.
Smokescreen.

On the other hand, master GAK keys don't fit well into a Web of Trust -
you'd essentially have to require that people only send mail to keys that are
signed by an escrow service, and people wouldn't always do that if they had
a choice - to enforce GAK, you either need to limit the sender's encryption
software (unrealistic) or the recipient's decryption software (unrealistic),
probably by requiring exportable products to use a specific hierarchical
key-service.
#---
#                                Thanks;  Bill
# Bill Stewart, Freelance Information Architect, stewarts@ix.netcom.com
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---

	   "The fat man rocks out
	Hinges fall off Heaven's door
	   "Come on in," says Bill"    Wavy Gravy's haiku for Jerry






Thread