From: Ben Laurie <ben@gonzo.ben.algroup.co.uk>
Date: Thu, 7 Nov 1996 02:23:44 -0800 (PST)
To: ietf-pkix@tandem.com
Subject: Euro Key Escrow
Message-ID: <9611070921.aa15606@gonzo.ben.algroup.co.uk>
MIME-Version: 1.0
Content-Type: text/plain


Someone, somewhere, posted a rumour that Europe was about to go for a key
escrow scheme known as "Royal Holloway".

I have done a little research and gleaned the following:

It is, apparently, true that the EC is considering schemes for key escrow, by
"trusted third parties" (trusted by who, I'd like to know?). "Royal Holloway"
is one of these schemes. It is named after the college of origin, if anyone
cares. It essentially revolves around each pair of TTPs sharing two out of
three parts of a key, and generating the third part for each of their users.
The idea is that either of the TTPs who generated keys for an encrypted
message exchange can decode it (by using the private key of their "client" and
the public key of the other TTP's "client").

Full details can be found at:

ftp://ftp.dcs.rhbnc.ac.uk/pub/Chris.Mitchell/istr_a2.ps

This is in PostScript. I'm not aware of any plain text versions.

I'm informed that this is likely to be introduced into EC legislation, though
my understanding is that members are not required to actually incorporate the
legislation. No doubt France will embrace it with happy shouts.

Of course, it is our duty as netizens to resist this kind of rubbish, and I
encourage you to write to your MP/EuroMP (or local equivalent).

Cheers,

Ben.

-- 
Ben Laurie                Phone: +44 (181) 994 6435  Email: ben@algroup.co.uk
Freelance Consultant and  Fax:   +44 (181) 994 6472
Technical Director        URL: http://www.algroup.co.uk/Apache-SSL
A.L. Digital Ltd,         Apache Group member (http://www.apache.org)
London, England.          Apache-SSL author