[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Symantec's Your Eyes Only



jim bell <[email protected]> wrote:
>At 11:57 AM 7/16/96 -0400, Clay Olbon II wrote:
>
>>Now my $.02.  I am concerned about the lack of a distinction between
>>transient communications and stored data.  This is apparent in the GAK
>>proposals, but is also increasingly apparent in mainstream corporate
>>products such as this one and ViaCrypt BE.  It is apparent (to me anyway)
>>that corporate access to stored data (data owned by the company, on
>>machines owned by the company) is probably necessary.  I do not see this
>>same need for access to transient communications.  Am I way off base on
>>this one?
>
>
>This has been mentioned a number of times by various people.  It should be

>obvious that it is pointless to escrow the key of a data stream that you
are 
>not recording, such as a telephone conversation.  Also, if you have no 
>permanent need for that data (also, the telephone conversation) it is 
>unnecessary.  As might be expected, however, the proponents of GAK don't 
>distinguish between keys for storage and keys for communication.  
>
>Such an oversight is predictable.  It's likely that governments will  be
>more 
>interested in keys for communication, because the data is far more easily 
>(and secretly) accessible.  Were they to admit that nobody has a need for 
>his own communication data key, they'd lose a substantial fraction of
their 
>target data.
>

My point was not that govts want to escrow communication keys, it was that
this is appearing more and more in commercial products marketed to
businesses.  I run the computer system for a small office and I would
rather not see employee email - maybe I am just naive.  However, there
obviously is a demand for this type of product.  It must come from either a
lack of understanding of crypto, or a freeh-style authoritarianism on the
part of corporate executives.  I wouldn't rule either one out.  If it is
the latter, I'm not sure there is anything we can do.

	Clay  

***************************************************************************
Clay Olbon II       *      [email protected]
Systems Engineer    *    PGP262 public key on web page
Dynetics, Inc.      * http://www.msen.com/~olbon/olbon.html
***************************************************************** TANSTAAFL