[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Access to Storage and Communication Keys




At 10:06 PM 6/9/97 -0400, Marc Horowitz wrote:
>To me, mail encryption is not communications encryption.  The mail
>message is encrypted, just like a file might be.  Then those encrypted
>bits are sent over the net.  It is precisely because I have access to
>the ciphertext as a separate entity that this is not communications
>encryption.

An interesting perspective, but I don't know that it works.
For this to make sense, either the business needs to have access to
the stored received email if the user gets run over by a police car,
or else the business needs to know that it doesn't _need_ access -
either because the mail isn't business related, or because the
business-related parts have been transferred to other systems
using a convenient user interface.

On the other hand, if receiving email with encrypted attachments
is _in_convenient to store in a mail system, maybe it will help
encourage people not to use that mail system for storing messages,
or to junk the mail system entirely :-)  (I'm thinking here of systems
like IBM PROFS and Microsoft Mail, which both encourage storage
in their monolithic mailboxes.

>The *only* reason to escrow communications keys is to spy on people;
>there is never an opportunity for data loss here.
Yeah!  (Actually, the other reason to escrow them is because
you're using the same keys for communication and storage,
and you have potentially decent business reasons for backup
of storage keys, but that's only the case if you're not using
a sufficiently flexible cryptosystem and are using key backup
instead of data backup, which is really the preferred approach anyway.)

#			Thanks;  Bill
# Bill Stewart, +1-415-442-2215 [email protected]
# You can get PGP outside the US at ftp.ox.ac.uk/pub/crypto/pgp
#   (If this is a mailing list or news, please Cc: me on replies.  Thanks.)