From: Rick Smith <smith@securecomputing.com>
To: Adam Back <ietf-open-pgp@imc.org
Message Hash: eae54b5cbe5708d66fba81c882ceac6865b4ffd99f418109326f222445740563
Message ID: <v03007804b0697514e0e4@[172.17.1.150]>
Reply To: <199710140937.KAA01187@server.test.net>
UTC Datetime: 1997-10-14 21:21:13 UTC
Raw Date: Wed, 15 Oct 1997 05:21:13 +0800
From: Rick Smith <smith@securecomputing.com>
Date: Wed, 15 Oct 1997 05:21:13 +0800
To: Adam Back <ietf-open-pgp@imc.org
Subject: Re: proposal: commercial data recovery
In-Reply-To: <199710140937.KAA01187@server.test.net>
Message-ID: <v03007804b0697514e0e4@[172.17.1.150]>
MIME-Version: 1.0
Content-Type: text/plain
It should be clear by now that privacy is not the only security objective
sought by customers of information security products, nor even by all
customers of crypto products. Practical users rarely pursue privacy at all
costs, nor do they pursue accountability and traffic visibility at all
costs. Many must find a balance between two fundamentally conflicting goals.
Regarding the practical uses of e-mail key disclosure, let me include one
from the guard/firewall world that I haven't seen mentioned yet:
We've been shipping products since 1994 that scan the contents of e-mail
messages and reject contents that violate specified filtering criteria.
Sites use it to block importation of viruses or other inappropriate
attachments, and to block the export of improperly released information.
Most of these systems have been sold to the government and use the Message
Security Protocol to encrypt data. The system rejects messages that don't
contain an extra key so that the firewall can scan message contents.
This violates the assumed requirement that the contents of an e-mail
message must not be viewed by anyone except the message's author and
recipient.
However, it's a security trade-off that some organizations want to make for
certain applications.
PGP's key recovery protocol isn't the perfect solution, but it would help
resolve a big problem. To send mail through these systems, the users must
be trained to include the firewalls as message recipients -- this produces
a copy of the symmetric key encrypted with the firewalls' individual PKs.
If a user forgets, then the message can not pass through. The PGP approach
of warning or demanding another PK token would help solve that problem at
least in simple cases.
ObPolitics: Personally, I think it's too soon to tell if PGP's
implementation would benefit the FBI in its pursuit of wiretapping keys. At
most it might resolve whether such mechanisms are in fact a practical
technology. I'm not yet convinced.
Also, if commercial sites have already co-opted PGP's recovery key for
their own uses, it's not clear that the FBI will be able to use it for
clandestine investigations. If they approach the site's IS managers to
acquire copies of the firewall keys, there's a good chance a rumor will get
back to the people being targeted for surveillance. Also, I believe the
overhead for separate eavesdropping keys would produce too clear a sign to
everyone that the FBI is listening. There is no precendent for such a thing
and even if it's adopted temporarily I doubt it will persist. People will
notice, it it will make them mad -- it will show them that the FBI is
indeed under everyones' bed. Even the FBI can't stand up against broadly
based grassroots pressure. Of course, I've been wrong before about politics.
Rick.
smith@securecomputing.com Secure Computing Corporation
"Internet Cryptography" now in bookstores http://www.visi.com/crypto/
Return to October 1997
Return to “Will Price <wprice@pgp.com>”