From: A5113643667@attpls.net (Tom Jones)
To: cypherpunks@toad.com (Cypherpunks)
Message Hash: 8c09f06f7a508ab211876a4da464e955562d457262f26765250eada49757d9c9
Message ID: <682D3253>
Reply To: N/A
UTC Datetime: 1996-04-05 11:22:08 UTC
Raw Date: Fri, 5 Apr 1996 19:22:08 +0800
From: A5113643667@attpls.net (Tom Jones)
Date: Fri, 5 Apr 1996 19:22:08 +0800
To: cypherpunks@toad.com (Cypherpunks)
Subject: Re: Article on PGP Viacrypt
Message-ID: <682D3253>
MIME-Version: 1.0
Content-Type: text/plain
Dear Cypherpunks,
----------------
Received: by attpls.net with Magicmail;3 Apr 96 09:19:59 UT
Date: 5 Apr 96 02:14:38 UT
Sender: owner-cypherpunks@toad.com (owner-cypherpunks)
From: owner-cypherpunks@toad.com (owner-cypherpunks)
Subject: Re: Article on PGP Viacrypt
To: walter@cithe302.cithep.caltech.edu (Chris Walter)
cc: cypherpunks@toad.com (Cypherpunks)
Message-Id: <199604030451.UAA06038@slack.lne.com>
In-Reply-To: <<WALTER.96Apr2124421@cithe302.cithep.caltech.edu> from
"Chris Walter" at Apr 2, 96 08:44:20 pm>
X-X-AUTHENTICATION-WARNING: toad.com: majordom set sender to
owner-cypherpunks using -f
I would have to agree that if businesses are to use PGP that "good" key
escrow MUST be provided.
Peace ..Tom
Chris Walter writes:
>
> Hi Folks,
>
> There is an interesting article by Simon Garfinkle in this
> morning's(Apr 2nd) electronic version of the San Jose Mercury news.
> Its on the index page so I don't think you need an account to read
> it.
>
> The article deals with the new key management features and extensions
> in Viacrypt and how PRZ is upset since it allows employers to read
> their employees messages.
I read it this morning.
The gist is that this new evil PGP lets your employer
SPY ON EVERYTHING YOU DO! And was written in about
that tone.
I was disappointed by the article. I don't know if Simson
is deluded about the use of Viacrypt PGP, or the article got
hacked up by by ignorant/malicious editors, or my understanding of
Viacrypt PGP is competely wrong.
I thought the purpose to putting key escrow (that's real escrow
not GAK) into PGP was to allow its use for business purposes.
Often in business use you're not too concerned with keeping secrets
from
your employer or fellow employees, but do want to keep those
secrets within the company. And there is a real concern that you
might encrypt company-secret stuff and then fall off your motorcycle
and get run over by a truck, leaving your securely-encrypted company
secrets suddenly inaccessable to the company...
Key escrow, with the keys held by the company, is designed to prevent
this problem.
The article failed to mention that you're not prevented from using
a non-escrow PGP for personal secrets (could Viacrypt PGP prevent
you from using PGP 2.6.2? I don't think so) and made it sound
like Viacrypt PGP is designed to allow nosy employers to spy on
employees encrypted email. I guess it would, if the employers were
that nosy and the employees dumb enough to use company-provided
escrowed PGP to send personal secrets. But that theory's about
as credible as the Clipper chip proponents's "dumb crooks" theory
where crooks would want encrypted phones but be dumb enough to
forget that the Government held the keys...
Simson's the one main-line journalist who writes about internet
and computer issues that I still think has a clue, and has written
a pretty good book about PGP, so I'd be suprised if he got this
so wrong. On the other hand, I haven't used this new Viacrypt PGP
and I'm going on what I think that escrowed PGP is really good for.
Maybe my feeling about that have blinded me to reality. Or, most
likely, the editor(s) hacked the story up either out of ignorance
or to present a viewpoint that they had already decided they want to
present, truth be damned.
If I wanted to present a conspiracy theory about the government
wanting to discourage use of PGP for businesses, this would be the
place to do it. If PGP gains a foothold in the businessplace
it'll be nearly impossible to eradicate, given the fact that
(big) business essentially runs the country. Key escrow will
make PGP a lot more usefull to businesses, increasing its use.
I'm sure you can fill in the rest of the theory.
> http://www.sjmercury.com/business/priv401.htm
>
--
Eric Murray ericm@lne.com ericm@motorcycle.com
http://www.lne.com/ericm
PGP keyid:E03F65E5 fingerprint:50 B0 A2 4C 7D 86 FC 03 92 E8 AC E6 7E
27 29 AF
---
NOTICE: This message originally included graphics and/or sounds which
can only be received by AT&T PersonaLink(sm) subscribers. You received
only the text portion(s) of the message. Please contact the sender for
information that was deleted. To learn how to send and receive
graphics, voice and text messages via AT&T PersonaLink Services, call
1-800-936-LINK.
----------------
Return to April 1996
Return to “A5113643667@attpls.net (Tom Jones)”
1996-04-05 (Fri, 5 Apr 1996 19:22:08 +0800) - Re: Article on PGP Viacrypt - A5113643667@attpls.net (Tom Jones)