From: Tim May <tcmay@got.net>
To: Rick Smith <zooko@xs4all.nl
Message Hash: 5ae81fae096697891f75ea0cdbb4b6dd64461b688964374992f6e62c7c1d53b1
Message ID: <v03102800b06abe45dfa2@[207.167.93.63]>
Reply To: <v03102800b06978017bc1@[207.167.93.63]>
UTC Datetime: 1997-10-15 18:58:20 UTC
Raw Date: Thu, 16 Oct 1997 02:58:20 +0800
From: Tim May <tcmay@got.net>
Date: Thu, 16 Oct 1997 02:58:20 +0800
To: Rick Smith <zooko@xs4all.nl
Subject: Re: Just say "No" to key recovery concerns...keep OpenPGP pure
In-Reply-To: <v03102800b06978017bc1@[207.167.93.63]>
Message-ID: <v03102800b06abe45dfa2@[207.167.93.63]>
MIME-Version: 1.0
Content-Type: text/plain
At 12:14 PM -0700 10/15/97, Rick Smith wrote:
>While I think that a variety of robust and successful products will proably
>emerge that support various types of key recovery, I strongly agree with
>Tim on engineering grounds: Keep It Simple, Stupid.
>
>When it comes to deciding on the contents of a standard, let's keep in mind
>that we're working with a relatively new technology. We'll make more
>progress by standardizing proven concepts, and these integrated key
>recovery hacks don't have the operating history that vanilla PGP has. If
>anything, my experience with Guard keying suggests that the proposed
>mechansims aren't enough. The problem has more hair than our sheepdog.
>
>I don't think the protocol standard needs to take a political statement
>about key recovery mechanisms, but it *must* outline the protocol's
>traditional security objectives pretty much the way Tim outlined them. That
>sets the context for a robust protocol that has a successful history.
Thanks for the comments, and the support is nice, too.
As Rick notes, the whole "foobar recovery" (where foobar may be plaintext
messages or keys) technology is untested, besides being dangerous in
various ways.
It represents an escalation of complexity, both for the users and the
developers. (My message is being directed at the OpenPGP folks trying to
figure out what features to support, not to PGP, Inc., which can make its
own decisions about how to spend its engineering and marketing
resources...though I hope they are taking the reactions of many of us to
heart.)
At this stage, where governments of the world are planning to make foobar
recovery mandatory (either GAK or GAP), it's a bad time to launch an
untested and potentially dangerous technology. As others have noted,
Congress is already using PGP's support of message recovery as evidence
that industry can rise to the challenge of providing message recovery for
law enforcement.
OpenPGP needs to stick to basics. And PGP, Inc. needs to get back to basics.
--Tim May
The Feds have shown their hand: they want a ban on domestic cryptography
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May | Crypto Anarchy: encryption, digital money,
ComSec 3DES: 408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA | knowledge, reputations, information markets,
Higher Power: 2^2,976,221 | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."
Return to October 1997
Return to “Zooko Journeyman <zooko@xs4all.nl>”