[24631] in Cypherpunks
Re: Morality masks technical ignorance
daemon@ATHENA.MIT.EDU (Adam Shostack)
Fri Dec 30 10:51:09 1994
From: Adam Shostack <adam@bwh.harvard.edu>
To: blancw@pylon.com
Date: Fri, 30 Dec 94 10:41:32 EST
Cc: cypherpunks@toad.com
In-Reply-To: <199412300642.WAA27643@deepthought.pylon.com>; from "blancw@pylon.com" at Dec 29, 94 10:42 pm
Blanc asks:
| Responding to msg by Adam Shostack ( when bad things happen to
| good crypto):
|
| The technical reason to oppose GAK is that it adds points of
| failure to a crypto system which need not be there. Those POF
| are not adequately tied to the consequences of their actions
| (releasing a key
| improperly), and as such will be used as points to attack the
| integrity of the system.
| ...............................................................
|
| And if there were no points of failure added by it, would you
| approve, agree, to its mandatory requirement?
I wouldn't care. First, any GAK system must add points of
failure. Second, if it didn't add points of failure, it would be
another expensive and pointless government program. Since there are
no points of failure, they can never access my key. Thats not
because key access is arbitrarily defined as a failure, but because
any mechanism that allows them to get my key from a database can be
subverted to get keys for which there is no 'legitimate' need.
Adam
--
"It is seldom that liberty of any kind is lost all at once."
-Hume
