[91468] in Cypherpunks
Re: SynData/Schneier Attack Network Associates
daemon@ATHENA.MIT.EDU (Wesley Griffin)
Fri Dec 5 19:38:09 1997
To: cypherpunks@toad.com
In-reply-to: Your message of "Fri, 05 Dec 1997 12:26:51 EST."
<3.0.2.32.19971205122651.007cae60@fast.synernet.com>
Date: Fri, 05 Dec 1997 15:53:58 -0500
From: Wesley Griffin <wgriffin@enslaved.student.umd.edu>
Reply-To: Wesley Griffin <wgriffin@enslaved.student.umd.edu>
> At 11:42 AM 12/5/97 -0500, you wrote:
> > "The government's key recovery program is a complete violation of the
> > individual's right to privacy and, in fact, compromises of the system are
> > already taking place. This shows that key escrow is an untenable policy,"
> > said Bruce Schneier, one of the world's leading authorities on encryption
> > and author of the book "Applied Cryptography". "SynData is paving the
> > way for other software developers by taking a stand in opposition to the
> > government and companies like Network Associates."
>
>
> By "companies like Network Associates", do you mean "companies who are
> members of the Key Recovery Alliance" (http://www.kra.org)? If so, here are
> the "companies like Network Associates", in that regard: [Note RSA is a
> Charter Member]
This statement is seriously confusing Key Recovery and Key Escrow. They are
NOT the same thing. Everybody knows what Key *Escrow* is and that it sucks.
Key Recovery is *very* different in that are no databases kept of private keys.
The website you mentioned (http://www.kra.org) contains some very good info on
how Key Recovery works. I would like to see the source of Schneier's quote
also, because I can't believe he could get the two confused.
Wes Griffin
wgriffin@glue.umd.edu