[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Acceptable NIS&T restrictions



At 17:20 9/4/95, Bill Stewart wrote:
[...]

>For Commercial Key Escrow, or commercial key-backup services, the criteria are
>"whoever can be trusted to provide the services the customers want".
>In this case, of course, the service most customers want is to be left alone,
>or, failing that, to have the government's Master Key system provide minimal
>risk
>to the security of the actual transactions - 64 bit keys are not enough
>security
>for any high-valued financial transactions, though they may suffice for
>credit cards.
>One required characteristic would appear to be either sufficiently deep pockets
>to collect judgements for violations of trust or a sufficiently high
>reputation that
>violations of trust are not expected.

I seems obvious to me that prospective key escrow agents would be exempt
from all liability for damages caused by releasing a key, exept in cases of
gross negligence. Gross negligence being defined as giving a key to a
person who explicitly states that they intend to use it for illegal
purposes.

-- Lucky Green <mailto:[email protected]>
   PGP encrypted mail preferred.