From: Kent Crispin <kent@bywater.songbird.com>
Date: Mon, 27 Oct 1997 22:51:14 +0800
To: cypherpunks@cyberpass.net
Subject: Re: Technical Description of PGP 5.5
In-Reply-To: <199710241425.PAA01534@server.test.net>
Message-ID: <19971027063955.64669@bywater.songbird.com>
MIME-Version: 1.0
Content-Type: text/plain



On Mon, Oct 27, 1997 at 02:26:27AM -0500, Thomas Junker wrote:
> 
> Recovery of messages in transit is entirely a snooping issue, 
> methinks.

Actually, it's snooping of messages in transit on a network OWNED BY 
THE COMPANY.

> Recovery of stored messages and files also seems to me to be a
> solution to a largely imaginary problem.  As I wrote before, there
> are more ways and more likely ways to lose data than through keeping
> encrypted files.  People live with it.  If they wish to address it,
> either individually or institutionally, they can do so without
> special features in PGP.  A feature in mail clients to store the 
> decrypted message in place of the original would do more to avoid 
> loss of stored encrypted messages than anything else I've seen 
> proposed.
[and]
> How on earth can people manage email and disk files without the 
> ability to "recover" data that can be lost in a thousand other ways 
> that no encryption package can protect against.  Geez.  Let's get 
> real here.

Given the frequency of "I've forgotten my password" incidents at
company help desks, widespread use of cryptography would cause this to
become *the* prime cause of lost data.  As has been pointed out, 
email is actually very reliable.  Hard disks are very reliable, tapes 
are very reliable.  Loss of data through these media has become very 
rare, and with intelligent practice, non-existent for all practical 
purposes. 

> This reminds me a lot of the objections of a few to sending EDI 
> traffic over the Internet.  When I proposed this in recent years I 
> got a wail from some people over the loss of third-party time 
> stamping and message delivery verification that can occur in the 
> simpler scenarios of bypassing the cash-cow Value Added Networks.  
> But, um, didn't everyone print those documents on *paper* and drop 
> them into USPS *mail boxes* just a few short years ago?  What 
> reliable third party time stamping and message delivery verification 
> did they have then?  Am I mistaken or didn't the entire economy 
> function on the basis of snail-mailed invoices and other documents? 
> How on earth did people manage under those primitive circumstances?

This is a bad argument for you to use.  From a privacy perspective,
didn't people send all kinds of very private stuff on *paper* and
through *mailboxes* just a few short years ago?  How did they survive 
without strong encryption?!  "Geez.  Let's get real here."

The physical mail analogy to PGP's implementation of CMR is as 
follows:  Company policy is that it does not accept private pmail for 
individuals.  All mail for individuals must be addressed

XYZ Company
attn: Indi Vidual
Address1
Address2

Mail addressed like this:

Indi Vidual
Address1
Address2

will be returned, because the company doesn't accept private mail.  
Company mail is to be used for company business.  You don't receive 
Playboy at work, you receive it at home.

-- 
Kent Crispin				"No reason to get excited",
kent@songbird.com			the thief he kindly spoke...
PGP fingerprint:   B1 8B 72 ED 55 21 5E 44  61 F4 58 0F 72 10 65 55
http://songbird.com/kent/pgp_key.html