1997-10-14 - Re: proposal: commercial data recovery

Header Data

From: Bill Frantz <frantz@netcom.com>
To: Adam Back <ietf-open-pgp@imc.org
Message Hash: 1cb52ebc7645017bd29399d87a8ab8004e3eddc393d78bb68c10fcaeaa853898
Message ID: <v0300780cb06943af6a1f@[207.94.249.37]>
Reply To: <199710140937.KAA01187@server.test.net>
UTC Datetime: 1997-10-14 16:25:46 UTC
Raw Date: Wed, 15 Oct 1997 00:25:46 +0800

Raw message

From: Bill Frantz <frantz@netcom.com>
Date: Wed, 15 Oct 1997 00:25:46 +0800
To: Adam Back <ietf-open-pgp@imc.org
Subject: Re: proposal: commercial data recovery
In-Reply-To: <199710140937.KAA01187@server.test.net>
Message-ID: <v0300780cb06943af6a1f@[207.94.249.37]>
MIME-Version: 1.0
Content-Type: text/plain



At 2:37 AM -0700 10/14/97, Adam Back wrote:
>...
>2. second crypto recipients on encrypted communications are not
>   used to allow access to third parties who are not messaging
>   recipients manually selected by the sender
>...
>
>Included in 2) is the principle of not re-transmitting over
>communication channels keys or data re-encrypted to third parties
>after receipt -- that is just structuring -- and violates design
>principle 2.

This requirement tries to enforce something which can not be enforced by
technical means.  That is, when you send another person some data, there is
no technical way you can prevent them from using it however they want.  For
example, a user can always program his filters (given something like
procmail) to send decrypted data anywhere he wants.

The idea that you can control what users do with data thru technical means
is the most common flaw I see when people think about security.


N.B. I applaud Adam's direction of building the data recovery businesses
need without helping 3rd parties engage in undetected snooping.  Keeping
the decryption keys (if data is not stored in the clear) near the
legitimate copies seems to be a useful step in this direction.


-------------------------------------------------------------------------
Bill Frantz       | Internal surveillance      | Periwinkle -- Consulting
(408)356-8506     | helped make the USSR the   | 16345 Englewood Ave.
frantz@netcom.com | nation it is today.        | Los Gatos, CA 95032, USA







Thread