
Re:



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 9/12/97 1:31 AM, Anonymous ([email protected])  passed this wisdom:

 [snip]

>Now think about this: You're Joe Random Govt. Worker at the 
>official secret key repository, and there's a budget crisis going 
>on - instead of paychecks, you're getting I.O.U.'s. Your terminal 
>has access to thousands, perhaps millions, of secret keys. You grab 
>one of CitiBank's, forge a few transactions, and 30 seconds later 
>your Swiss bank account is a few million dollars fatter and 
>according to the digital signature, the transaction originated in 
>L.A.. 

 Please correct me if I am wrong, but could not a GAK backdoor be
written that will simply permit decryption only of the ciphertext and
not encryption? Would not this prevent this from happening?

  Don't get me wrong. It scares the hell out of me too, but maybe, in
addition to the various things Tim has suggested, we might also
consider how to make the GAK as secure as can be to minimize its
potential for disaster.

-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv

iQA/AwUBNBnRQcdZgC62U/gIEQK+qACfSPjDLBIKmN4AgvEU6nBPmKKF+94AnR6T
4ZV9vbLb7vCpaaKGZA1mPTmH
=MbPr
-----END PGP SIGNATURE-----


Brian B. Riley --> http://www.macconnect.com/~brianbr
         For PGP Keys -  Send Email Subject "Get PGP Key"
  "The only thing necessary for evil to triumph, is for good men to 
   stand by and do nothing"  Edmund Burke