1997-10-15 - Re: Just say “No” to key recovery concerns…keep OpenPGP pure

Header Data

From: Lucky Green <shamrock@cypherpunks.to>
To: Adam Back <aba@dcs.ex.ac.uk>
Message Hash: c874a4c3f4cb27d4ce9bb202ff451c9fa3d9a65285f192e9fd714a0291d95f52
Message ID: <Pine.BSF.3.96.971015055251.18802C-100000@pakastelohi.cypherpunks.to>
Reply To: <199710150138.CAA09580@server.test.net>
UTC Datetime: 1997-10-15 04:17:09 UTC
Raw Date: Wed, 15 Oct 1997 12:17:09 +0800

Raw message

From: Lucky Green <shamrock@cypherpunks.to>
Date: Wed, 15 Oct 1997 12:17:09 +0800
To: Adam Back <aba@dcs.ex.ac.uk>
Subject: Re: Just say "No" to key recovery concerns...keep OpenPGP pure
In-Reply-To: <199710150138.CAA09580@server.test.net>
Message-ID: <Pine.BSF.3.96.971015055251.18802C-100000@pakastelohi.cypherpunks.to>
MIME-Version: 1.0
Content-Type: text/plain



On Wed, 15 Oct 1997, Adam Back wrote:

> 
> Lucky Green <shamrock@cypherpunks.to> writes:
> 
> > [Sidetrack: which is of course why PGP had to find another solution to
> > present to those customers already using GAK. IMHO, and I can't help but
> > be a bit surprised that I find myself in the minority on this
> > issue, at least as far as the list is concerned. What PGP did was
> > _elegant_.]
> 
> Wow, Lucky! I usually consider you to be spot on most such things, but
> I think you failed to hit the bulls-eye there; in fact I think you
> missed the dartboard entirely!

So I am told. Which is surprising to me, since usually I am told that that
I am too "paranoid" and "uncompromising".
 
> I thought it was you who was pointing out earlier the fallacy induced
> by the key escrow meme (escrowing transient communicatoins keys with
> governments or companies to recover data stored on frigging disks!)
> (Actually you applied it just to goverments but the argument extends
> to companies perfectly).

I can't help but see a difference between enforcing to encrypt to a
default key and storing the user's key outright. IMHO, the former entails
less potential for abuse.

> (Notice Bruce Schneier's forward of a case of a GAKker already
> starting to crow about the demonstration of GAKware feasibility in
> PGP).
> 
> There are plenty of less GAK compliant things you can do than what
> they are doing.  The anti-GAK design principles help to clarify
> thought in designing a full spectrum from mildly GAK resistant through
> to rabidly GAK-hostile.  I would hope that PGP (and you lot at C2Net)
> will crank the setting up to mad dog rabid anti GAK mode with nested
> obfuscated interpreters interpreting each other interpreting
> instruction sequences to recover keys.  And busting your butts to make
> your systems ergonomic and slick to the extent that the competitors
> GAKware products look like dried up turds in comparison.  Deployment
> being probably the most important anti-GAK principle of all!

Amen to the latter. I honestly don't see what PGP could have done better
and still achieved deployment in companies that keep copies of all
employees keys *today*. And yes, I think what PGP is doing is
better than keeping copies of the keys of all employees. Anyway, I now
have access to the entire PGP 5.5 system and will subject it to thorough
analysis. Methinks many people arecurrently rendering opinions on a design
they haven't even seen yet.

Certainly, the part of PGP's SMTP agent that prevents you from  screwing
up by accidentaly sending sensitive email unencrypted stands a good chance
of being installed at my site. [Can we all agree that this is a useful
feature]? More than once, I failed to encrypt an email that I meant to
encrypt.

As for C2 and GAK: as Lucky Green, I speak _only_ for myself. And I can
therefore say that if my employer was to imlement GAK, I would quit the
day I found out about it. It isn't going to happen.

 -- Lucky Green <shamrock@cypherpunks.to> PGP encrypted email preferred.
   "Tonga? Where the hell is Tonga? They have Cypherpunks there?"






Thread