[88095] in Cypherpunks
Re: negative security aspects of GAK compliance
daemon@ATHENA.MIT.EDU (Adam Back)
Sun Oct 12 09:32:20 1997
Date: Sun, 12 Oct 1997 12:03:02 +0100
From: Adam Back <aba@dcs.ex.ac.uk>
To: aba@dcs.ex.ac.uk
CC: ietf-open-pgp@imc.org, cypherpunks@cyberpass.net,
randerso@ece.eng.wayne.edu
In-reply-to: <199710120948.KAA00212@server.test.net> (message from Adam Back
on Sun, 12 Oct 1997 10:48:03 +0100)
Reply-To: Adam Back <aba@dcs.ex.ac.uk>
Adam Back <aba@dcs.ex.ac.uk> wrote:
> As I have pointed corporate access to stored email can be acheived
> with similar amounts of snooping enforceability by having the PGP5.5
> mail client store to an escrowed communications key after decryption,
^^^^^^^^^^^^^^
Typo: that should be "storage key".
> I would be interested to see anyone refute this security argument from
> a security point of view.
And I am very interested to hear arguments against the logic of that
message.
Adam
--
Now officially an EAR violation...
Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/
print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`