[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: UK Crypto regs?
Thank you to AB for forwarding the Ross Anderson summary.
I am unclear on what I consider a key point regarding UK policy.
The US (and Japanese) governments have pledged not to seek to esrow
digital signature keys. (FWIW I think this is a very important and
praiseworthy pledge.) There is a large class of DS keys, eg RSA keys,
which can also be used for encryption; there is also a class of keys (eg.
SHA 1, I think?) that cannot. A PKI that requires escrow therefore must
either
a) limit the type of encryption allowed for DS keys, end exclude one of
the most popular flavors
or
b) escrow digital signature keys
I am unclear as to whether the UK authorities understand this, and if so
which option they plan to choose. I would welcome any information that
might be floating around.
[This message may have been dictated with Dragon Dictate 2.01.
Please be alert for unintentional word substitutions.]
A. Michael Froomkin | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law |
U. Miami School of Law | [email protected]
P.O. Box 248087 | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's hot here. And humid.