1997-10-09 - Re: What’s really in PGP 5.5?

Header Data

From: Ryan Anderson <randerso@ece.eng.wayne.edu>
To: Tim May <cypherpunks@Algebra.COM
Message Hash: 096034611b09012929a9c1352a5c1b9602b8bf8ae9a27220675efdfa19fbfa0d
Message ID: <3.0.2.32.19971009102535.006b5a50@ece.eng.wayne.edu>
Reply To: <3.0.2.32.19971008090442.0070305c@ece.eng.wayne.edu>
UTC Datetime: 1997-10-09 14:32:14 UTC
Raw Date: Thu, 9 Oct 1997 22:32:14 +0800

Raw message

From: Ryan Anderson <randerso@ece.eng.wayne.edu>
Date: Thu, 9 Oct 1997 22:32:14 +0800
To: Tim May <cypherpunks@Algebra.COM
Subject: Re: What's really in PGP 5.5?
In-Reply-To: <3.0.2.32.19971008090442.0070305c@ece.eng.wayne.edu>
Message-ID: <3.0.2.32.19971009102535.006b5a50@ece.eng.wayne.edu>
MIME-Version: 1.0
Content-Type: text/plain



At 08:55 AM 10/8/97 -0700, Tim May wrote:
>>Well, any company giving stock advice (and governed by SEC rules on stock
>>tips, etc.) is already require to have all outgoing mail approved (e-mail
and
>>snail), so does it matter if they record it or not?
>>
>
>Could you give me some cites for this rule?
>
>My own stock broker seems to be sending me stuff on the spur of the moment,
>so unless he has a government agent sitting in his office approving these
>notes he sends me, there is no "outgoing mail approved (e-mail and snail)"
>situation.

I believe I read that in Infoworld or ComputerWorld (within the last month,
maybe 2)

The rules that the SEC had for snail mail (for brokers/traders I believe),
in that all mail had to be approved by someone in the company now apply to
e-mail.

I don't save my copies of Infoworld or Computeworld anymore (too much
paper) so I can't look it up easily for you.

>(They can try to get a warrant if they think I've violated the insider
>trading or other securities laws. But no "approval" is needed, nor of
>course is any escrow of keys required.)

Oh, I see where I was a bit unclear in my original statement.  This rule
only applies to the brokerage firms (I think I've got the right terms
there, if not, the general idea should be clear)

>(When I was Intel, we didn't have crypto. But if we did, the real concern
>would be encryption of lab notebooks, documents on disk, etc., not my
>communications with outsiders. These are the files which would vanish were
>I to be hit by a truck.  As we have discussed many times, how does
>escrowing the _channel_ key (Alice sending to Bob) solve the "hit by a
>truck" problem?)

What, you don't encrypt your lab book to yourself (and sign it) with your
public key?  Easier than remembering another symmetric key, and allows you
to keep a the recovery key in use.



-----------------------------------------------------------------------
Ryan Anderson - <Pug Majere>     "Who knows, even the horse might sing" 
Wayne State University - CULMA   "May you live in interesting times.."
randerso@ece.eng.wayne.edu         
PGP Fingerprint - 7E 8E C6 54 96 AC D9 57  E4 F8 AE 9C 10 7E 78 C9
-----------------------------------------------------------------------






Thread