1995-12-12 - Re: NIST GAK meeting writeup, LONG part 3 of 3

Header Data

From: jim bell <jimbell@pacifier.com>
To: pfarrell@netcom.com (Pat Farrell)
Message Hash: 62dbad3c2f405a8ee7fa75a1184a269fab075614396170de6d94fc1131930c56
Message ID: <m0tPFLA-0008xoC@pacifier.com>
Reply To: N/A
UTC Datetime: 1995-12-12 06:13:08 UTC
Raw Date: Tue, 12 Dec 1995 14:13:08 +0800

Raw message

From: jim bell <jimbell@pacifier.com>
Date: Tue, 12 Dec 1995 14:13:08 +0800
To: pfarrell@netcom.com (Pat Farrell)
Subject: Re: NIST GAK meeting writeup, LONG part 3 of 3
Message-ID: <m0tPFLA-0008xoC@pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 11:04 AM 12/10/95 -0800, you wrote:
>
>NIST Key Export meeting, December 5, 1995 Long version 
>Part 3 of 3.
>
>This covers the notes on agent criteria, and the 
>industry presentations. 
>
[stuff deleted]
>
>Geoff said that they may want legislation support for 
>protecting against illegal release of keys, failure to release, etc.

Pardon me, but since this "key escrow" system was always claimed to be
"voluntary," then how can there be any kind of legal penalties associated
with "failure to release" those keys?


Which raises another question:  Let's suppose I owned a product based on
CKE, and I went to the escrow agent and said, "This escrow is voluntary,
right?  If so, erase my key in your possession."

Not that I'd trust them to do so, but how "voluntary" can a system be if
people can't volunteer out of it?






Thread