[715] in cryptography@c2.net mail archive
Re: key recovery vs data backup
daemon@ATHENA.MIT.EDU (Carl Ellison)
Tue May 6 18:26:33 1997
Date: Tue, 06 May 1997 18:03:57 -0400
To: Adam Back <aba@dcs.ex.ac.uk>
From: Carl Ellison <cme@cybercash.com>
Cc: cryptography@c2.net
In-Reply-To: <199705062009.VAA01882@server.test.net>
At 09:09 PM 5/6/97 +0100, Adam Back wrote:
>
>Some people are voicing concerns that Netscape by supporting OKAY
>(Optional Key Access for Yourself) is helping the Forces of Darkness
>have a fully prepared GAK infrastructure.
If I wanted to implement OKAY i believe I would:
1) generate a very long archival key for myself (2kb to 4kb in length)
2. securely back up that key on many sites, encrypted by my own
multi-question keys:
as in http://www.clark.net/pub/cme/html/rump96.html
3) use that archival key as an additional crypto-recipient for
things I want to be able to keep
Of course, your plan to just keep copies encrypted under a private symmetric
key locally works well, also.
+------------------------------------------------------------------+
|Carl M. Ellison cme@cybercash.com http://www.clark.net/pub/cme |
|CyberCash, Inc. http://www.cybercash.com/ |
|207 Grindall Street PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103 T:(410) 727-4288 F:(410)727-4293 |
+------------------------------------------------------------------+
