[6842] in cryptography@c2.net mail archive
ZixMail Replies
daemon@ATHENA.MIT.EDU (Paul Holman)
Fri Mar 24 18:38:44 2000
Mime-Version: 1.0
Message-Id: <v04220800b501a0cf5e76@[10.1.9.126]>
In-Reply-To: <8B73A3F64738D211A11800A0C9D5BD5D26411F@MAIL>
Date: Fri, 24 Mar 2000 15:26:12 -0800
To: tsg@shmoo.com
From: Paul Holman <pablos@shmoo.com>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Yesterday, we reported that ZixMail <http://www.zixmail.com>
incorporated key escrow. Today I got an email message from the CEO
of ZixIt Corporation <http://www.zixit.com>, David Cook claiming that
is no longer the case:
>I wanted to address the "key escrow" issue that you have raised regarding
>ZixMail.
>
>The quote that you reference was from last July - when the escrow was
>required for "hard" encryption. That requirement was eliminated in December
>- and we do not keep an escrow of any kind.
>
>I would like to invite you to come to Dallas and visit our data center. I
>will personally walk you through the system design, etc...
>
>Let me know if you are interested in coming to Dallas.
>
>Thanks
>
>David Cook (CEO)
>ZixIt Corporation
My efforts to contact ZixMail about this yesterday failed, and I
apologize for the outdated information. Hopefully they're working on
replies to our other advice:
- Open source their (crypto) code
- Embrace at least one of the existing standards for
encrypted email (PGP &/or S/MIME).
- --
Paul Holman
Special Agent
The Shmoo Group
<http://www.shmoo.com/>
pablos@shmoo.com
<http://www.shmoo.com/~pablos/>
PGP fingerprint: CFBF CC8D 7BC8 FDE3 74BD
9DB0 88E6 B201 3F5A B569
-----BEGIN PGP SIGNATURE-----
Version: PGP Personal Privacy 6.5.2
Comment: The magic words are squeamish ossifrage.
iQA/AwUBONv5m4jmsgE/WrVpEQLCvACeOxCP2nLvyEbXZbWK/B60qSwz5ksAoJyR
+BBVSu20omXdWaSa8UZwSvP/
=1Oj8
-----END PGP SIGNATURE-----
