[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: So, what crypto legislation (if any) is necessary?
-----BEGIN PGP SIGNED MESSAGE-----
>
> (d) [which may be a subset of (b)] impose contempt sanctions on the
> principal until he releases the key to the key.
>
>
Yes, but this will alert the principal not to use that key
for future communications. One of the things that the Leahy
bill provides for is getting of keys without any of the principals
knowing about it. This idea of escrowing encrypted, essentially
frustrates that provision of the Leahy Bill.
All this talk of voluntary key escrow is essentially fatuous.
If Key escrow is truly voluntary then there is nothing to prevent
the person escrowing from doing all of the following:
1) Not labelling the key escrow file as a key escrow file, so
that the escrow agent does not know that he is an key escrow
agent. The escrow agent can be told that he is a data storage
agent -- which in fact he is.
2) Encrypting the keys before handing to the escrow agent,
and only giving the decryption keys to those who are authorized
to break the escrow.
3) Insuring that the escrow agent and those who are authorized
to break the escrow are outside the jurisdiction of any court.
4) Using the crypto technique of secret splitting to split the secret
of the key among multiple escrow agents in difficult to subpoena
countries.
- --
Paul Elliott Telephone: 1-713-781-4543
[email protected] Address: 3987 South Gessner #224
Houston Texas 77063
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3
Charset: cp850
iQCVAgUBMV2yf/BUQYbUhJh5AQGyXwP5AeQQXJBr8j4vLv2eXTb6HsffHW72Yguu
1h7pILY8Iomo3/vgo1YuoJEfcIwNJaY5T4VEoLghW2H8mJ9gVQoAYkJXb7tvTyee
cBi33OPrNd2SXVYpQ4oF1qnTR+h2mGp9bkf+XQLRRev1jkrdpFYeHsTsP0w6sxLE
X+bqsj+57pE=
=+LHz
-----END PGP SIGNATURE-----