From: Ian Brown <I.Brown@cs.ucl.ac.uk>
To: Will Price <wprice@pgp.com>
Message Hash: 53e530cffe835351ab482316c4b0d316b23f7b04c18ed3f91445e3bf7cc2aed4
Message ID: <3444A29F.A843CE5A@cs.ucl.ac.uk>
Reply To: <v04001b0eb06a3d206797@[205.180.137.244]>
UTC Datetime: 1997-10-15 11:14:42 UTC
Raw Date: Wed, 15 Oct 1997 19:14:42 +0800
From: Ian Brown <I.Brown@cs.ucl.ac.uk>
Date: Wed, 15 Oct 1997 19:14:42 +0800
To: Will Price <wprice@pgp.com>
Subject: Re: proposal: commercial data recovery
In-Reply-To: <v04001b0eb06a3d206797@[205.180.137.244]>
Message-ID: <3444A29F.A843CE5A@cs.ucl.ac.uk>
MIME-Version: 1.0
Content-Type: text/plain
-----BEGIN PGP SIGNED MESSAGE-----
> The design you have been espousing for the last week or so in your many
> messages takes the power out of the hands of the sender and encourages
> automated violations of the sender's privacy by the recipient (perhaps even
> unbeknownst to the recipient).
Whatever you do, the recipient has the plaintext (has the argument
really descended to this level?) As Ian Grigg has pointed out, there are
*no* technical means a message sender can employ to stop the recipient
'violating their privacy'. You are splitting hairs again. As Adam has
repeatedly pointed out, there is no problem with flagging on a key that
the message may be read by someone else. This is actually more honest
than a scheme where 'this message can be read by key X' flags are used;
once the recipients have the plaintext, they can give it to whoever they
like to read. Adam's scheme does not put in place an infrastructure
which encourages automated snooping. It leaves it entirely up to
separate organisations as to whether they implement data recovery. Have
you *read* Bruce Schneier's post on how quickly GAK proponents in
Washington have picked up on this? Are you proud to have provided an
argument for S909? Are you happy to have the NSA using you as an
argument that GAK works?!!!
> The NSA states that key recovery is doable and will not jeopardize
> national security. And there is an existence proof for key recovery
> software in the new PGP release.
Adam's design does NOT "encourage automated violations of the sender's
privacy" - that I would reserve for PGP 5.5. You split hairs yet again
by claiming PGP 5.5 is "a simple system... wherein all recipients are
under the sender's control". As Adam has pointed out in his "many
posts", it's not much use letting the sender remove the extra recipient
if they know the message will then simply be bounced. Adam's request for
you to remove these fields make the system simpler. His communications
key idea adds additional security, but that is the only reason for the
increased complexity - an *additional* security feature.
This argument is exhausting. You may not give two hoots what I, or Adam
Back, or any number of people say. But could you not at least listen to
Schneier, who you must admit is quite an authority in this field? Even
if you *were* right, you have not managed to convince him. Do you really
think it's going to be good for PGP Inc if he recommends that clients
and anyone else who asks should not use PGP Inc products?
Ian.
-----BEGIN PGP SIGNATURE-----
Version: Cryptix 2.2.2
iQCVAgUBNESio5pi0bQULdFRAQEBygQArMB8FRo7wQ5HrLyw/CdHjJY2YPfnLYzw
qfSSxJEEszAnkBfMEM15VIc61QnrYSW43y/+Q5DhrS8SZteG5oDs2+x32MCPvAND
sm5k/4K20o6/aC5ZZO9mHaCZU3yY6ZGsfazop1MOgkIgp6HKnWLU73gNaQzV43T/
l4zXvCPGSAA=
=Tg/+
-----END PGP SIGNATURE-----
Return to October 1997
Return to “Will Price <wprice@pgp.com>”