1996-07-18 - Re: Symantec’s Your Eyes Only

Header Data

From: “Clay Olbon II” <Clay.Olbon@dynetics.com>
To: “jim bell” <cypherpunks@toad.com>
Message Hash: 27f4a8e4ce68a1930385365e6fc6e11d30078a2ab714e3ea06f0bfb826aa320c
Message ID: <AE13B1B7-A50D82@193.239.225.200>
Reply To: N/A
UTC Datetime: 1996-07-18 17:11:36 UTC
Raw Date: Fri, 19 Jul 1996 01:11:36 +0800

Raw message

From: "Clay Olbon II" <Clay.Olbon@dynetics.com>
Date: Fri, 19 Jul 1996 01:11:36 +0800
To: "jim bell" <cypherpunks@toad.com>
Subject: Re: Symantec's Your Eyes Only
Message-ID: <AE13B1B7-A50D82@193.239.225.200>
MIME-Version: 1.0
Content-Type: text/plain


jim bell <jimbell@pacifier.com> wrote:
>At 11:57 AM 7/16/96 -0400, Clay Olbon II wrote:
>
>>Now my $.02.  I am concerned about the lack of a distinction between
>>transient communications and stored data.  This is apparent in the GAK
>>proposals, but is also increasingly apparent in mainstream corporate
>>products such as this one and ViaCrypt BE.  It is apparent (to me anyway)
>>that corporate access to stored data (data owned by the company, on
>>machines owned by the company) is probably necessary.  I do not see this
>>same need for access to transient communications.  Am I way off base on
>>this one?
>
>
>This has been mentioned a number of times by various people.  It should be

>obvious that it is pointless to escrow the key of a data stream that you
are 
>not recording, such as a telephone conversation.  Also, if you have no 
>permanent need for that data (also, the telephone conversation) it is 
>unnecessary.  As might be expected, however, the proponents of GAK don't 
>distinguish between keys for storage and keys for communication.  
>
>Such an oversight is predictable.  It's likely that governments will  be
>more 
>interested in keys for communication, because the data is far more easily 
>(and secretly) accessible.  Were they to admit that nobody has a need for 
>his own communication data key, they'd lose a substantial fraction of
their 
>target data.
>

My point was not that govts want to escrow communication keys, it was that
this is appearing more and more in commercial products marketed to
businesses.  I run the computer system for a small office and I would
rather not see employee email - maybe I am just naive.  However, there
obviously is a demand for this type of product.  It must come from either a
lack of understanding of crypto, or a freeh-style authoritarianism on the
part of corporate executives.  I wouldn't rule either one out.  If it is
the latter, I'm not sure there is anything we can do.

	Clay  

***************************************************************************
Clay Olbon II       *      Clay.Olbon@dynetics.com
Systems Engineer    *    PGP262 public key on web page
Dynetics, Inc.      * http://www.msen.com/~olbon/olbon.html
***************************************************************** TANSTAAFL






Thread