From: frantz@netcom.com (Bill Frantz)
Date: Wed, 29 May 1996 12:56:02 +0800
To: Carl Ellison <cme@ACM.ORG>
Subject: Re: Clipper III analysis
Message-ID: <199605290034.RAA26908@netcom7.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


At  4:11 PM 5/28/96 -0400, Carl Ellison wrote:
>There were a number of flaws in that paper, but perhaps the most glaring to
>me is that there are actually 3 classes of key:
>
>the two you mentioned:
>        communications key
>        storage key
>and
>        signature key
>
>Of these, you want key recovery *only* for storage keys.  You want to make
>sure no one can get to your signature key.  Even the IWG paper notes that.
>But the only use for a PKI of any form is for a signature key.  Once you
>have your identity established somehow for a signature key, you can
>generate and sign comm or storage keys at will.  Furthermore, if you lose a
>signature key, there's no big loss.  You generate a new one and get a new
>cert for it.  So there's *NEVER* a reason for key recovery for a signature
>key -- the only keys for which there is a need for a PKI.

Carl is right.  They want to GAK all keys including signature keys.  Now
think, to whom in your life are you willing to grant unlimited power of
attorney?  Your spouse?  Your lawyer?  Your banker?  Your employer?  Your
government?

Giving away your signature key is worse.  Not only can any key holder act
FOR you, he can act AS you.  "We've got you cold perp.  You signed this
child porn that was posted to alt.binary.etc.  You can make your calls from
jail."  Who needs entrapment.


------------------------------------------------------------------------
Bill Frantz       | The CDA means  | Periwinkle  --  Computer Consulting
(408)356-8506     | lost jobs and  | 16345 Englewood Ave.
frantz@netcom.com | dead teenagers | Los Gatos, CA 95032, USA