From: Michael Froomkin <froomkin@law.miami.edu>
To: aba@dcs.ex.ac.uk>
Message Hash: bd72eac391f6b346ee36b8ab07670ed52d84da6acfcfb74be917a22f6590282f
Message ID: <Pine.SUN.3.94.960702165205.6149N-100000@viper.law.miami.edu>
Reply To: <199606300840.JAA00124@server.test.net>
UTC Datetime: 1996-07-03 01:46:32 UTC
Raw Date: Wed, 3 Jul 1996 09:46:32 +0800
From: Michael Froomkin <froomkin@law.miami.edu>
Date: Wed, 3 Jul 1996 09:46:32 +0800
To: aba@dcs.ex.ac.uk>
Subject: Re: UK Crypto regs?
In-Reply-To: <199606300840.JAA00124@server.test.net>
Message-ID: <Pine.SUN.3.94.960702165205.6149N-100000@viper.law.miami.edu>
MIME-Version: 1.0
Content-Type: text/plain
Thank you to AB for forwarding the Ross Anderson summary.
I am unclear on what I consider a key point regarding UK policy.
The US (and Japanese) governments have pledged not to seek to esrow
digital signature keys. (FWIW I think this is a very important and
praiseworthy pledge.) There is a large class of DS keys, eg RSA keys,
which can also be used for encryption; there is also a class of keys (eg.
SHA 1, I think?) that cannot. A PKI that requires escrow therefore must
either
a) limit the type of encryption allowed for DS keys, end exclude one of
the most popular flavors
or
b) escrow digital signature keys
I am unclear as to whether the UK authorities understand this, and if so
which option they plan to choose. I would welcome any information that
might be floating around.
[This message may have been dictated with Dragon Dictate 2.01.
Please be alert for unintentional word substitutions.]
A. Michael Froomkin | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law |
U. Miami School of Law | froomkin@law.miami.edu
P.O. Box 248087 | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's hot here. And humid.
Return to July 1996
Return to “Simon Spero <ses@tipper.oit.unc.edu>”