[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Symantec's Your Eyes Only



At 11:57 AM 7/16/96 -0400, Clay Olbon II wrote:

>Now my $.02.  I am concerned about the lack of a distinction between
>transient communications and stored data.  This is apparent in the GAK
>proposals, but is also increasingly apparent in mainstream corporate
>products such as this one and ViaCrypt BE.  It is apparent (to me anyway)
>that corporate access to stored data (data owned by the company, on
>machines owned by the company) is probably necessary.  I do not see this
>same need for access to transient communications.  Am I way off base on
>this one?


This has been mentioned a number of times by various people.  It should be 
obvious that it is pointless to escrow the key of a data stream that you are 
not recording, such as a telephone conversation.  Also, if you have no 
permanent need for that data (also, the telephone conversation) it is 
unnecessary.  As might be expected, however, the proponents of GAK don't 
distinguish between keys for storage and keys for communication.  

Such an oversight is predictable.  It's likely that governments will  be more 
interested in keys for communication, because the data is far more easily 
(and secretly) accessible.  Were they to admit that nobody has a need for 
his own communication data key, they'd lose a substantial fraction of their 
target data.



Jim Bell
[email protected]