[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: NIST GAK meeting writeup, LONG part 3 of 3



jim bell writes:
> It _is_ less voluntary, because it interferes with my right to escrow my key
> with an organization that is willing to take the dispute to arbitrary levels
> of uncooperativeness with the government.  I might insist, for example, that
> the organization only store the key outside the country (beyond the reach of
> US Courts) and require MY PERMISSION for them to release it to the
> government.  I might also insist that they further encode the key so that
> only an independent foreign organization (out of reach of US courts) could
> provide the key to decrypt it.
> 
> If key escrow is REALLY REALLY REALLY "voluntary", then such arbitrary
> restrictions should be do-able.

Unless I've missed something large, you can have an _uncertified_ key escrow 
agent store your keys in Fidel Castro's beard, and only release them with
written permission from your goldfish. 

Whether or not you use a certified key escrow agency would remain your 
choice, AFAIK.

I'm not expressing support for the certification standards that have been
presented. But I don't consider it cause for great alarm that the USG wants
to play in the escrow agent rating bureau business.

-Futplex <[email protected]>