[713] in cryptography@c2.net mail archive
Re: key recovery vs data backup
daemon@ATHENA.MIT.EDU (Anil Das)
Tue May 6 16:59:53 1997
Date: Tue, 6 May 1997 13:45:14 -0700
From: das@razor.engr.sgi.com (Anil Das)
In-Reply-To: Adam Back <aba@dcs.ex.ac.uk>
"key recovery vs data backup" (May 6, 9:09pm)
To: Adam Back <aba@dcs.ex.ac.uk>, cryptography@c2.net
On May 6, 9:09pm, Adam Back wrote:
> Subject: key recovery vs data backup
>
> >From Tom's description of what Netscape is thinking of doing it would
> seem that they are planning to archive (or escrow) encryption keys
> used to encrypt email communications.
>
> If the stated interest is to maintain the ability to read old email,
> it seems to me that archiving _communication_ keys not the best way to
> acheive this. You yourself have no use for communcation key escrow
> because you don't have archives of your communications; law
> enforcement is interested in the escrowing of encryption keys used to
> protect communications because they do plan to have archives of your
> communications.
Far as I can see the intention is indeed for someone else
to be able to read your email. Just that that someone else is not
the government.
Customer != User
There are many corporations who have a stated policy that
all email crossing the firewall will be examined to make sure that
no corporate information is being leaked or stolen.
--
Anil Das
