Gore's "new and improved" key escrow proposal
Michael Paul Johnson
mpj at netcom.com
Wed Jul 27 07:51:48 PDT 1994
On Mon, 25 Jul 1994, Phil Karn wrote:
> I think we need to distinguish between encrypted *storage* and
> encrypted *communications*. Voluntary key escrow may make sense for
> encrypted stored business files, but communications is a different
> story. Since there should be nobody out there recording packets, there
> is no need to back up or escrow the keys used to encrypt them.
Good point. The line between storage and transmission gets kind of
fuzzy, however, if transmitted messages get stored in encrypted form. I
think that if I were designing an encryption system to be used for both
in my own business, I would probably consider a compartmented escrow
system for both kinds of messages, with a different escrow public key for
each department. That is would be a good balance between two evils:
unauthorized disclosure of proprietary communications, and loss of
encrypted data due to loss of a key or loss of an employee. Naturally,
this would not be as convenient for law enforcement agents and spies, but
I suppose that my own escrow data base would still be subject to the same
subpoena process as the rest of my records, but I would be more likely to
know when information was being leaked.
___________________________________________________________
|\ /| | | |
| \/ |o| | Michael Paul Johnson Colorado Catacombs BBS 303-772-1062 |
| | | / _ | mpj at csn.org aka mpj at netcom.com m.p.johnson at ieee.org |
| |||/ /_\ | ftp://ftp.csn.net/mpj/README.MPJ CIS: 71331,2332 |
| |||\ ( | ftp://ftp.netcom.com/pub/mpj/README.MPJ -. --- ----- ....|
| ||| \ \_/ |___________________________________________________________|
More information about the cypherpunks-legacy
mailing list