[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: negative security aspects of GAK compliance

To: [email protected]
Subject: Re: negative security aspects of GAK compliance
From: Adam Back <[email protected]>
Date: Sun, 12 Oct 1997 12:03:02 +0100
CC: [email protected], [email protected], [email protected]
In-reply-to: <[email protected]> (message from Adam Backon Sun, 12 Oct 1997 10:48:03 +0100)
Sender: [email protected]



Adam Back <[email protected]> wrote:
> As I have pointed corporate access to stored email can be acheived
> with similar amounts of snooping enforceability by having the PGP5.5
> mail client store to an escrowed communications key after decryption,
                                   ^^^^^^^^^^^^^^

Typo: that should be "storage key".

> I would be interested to see anyone refute this security argument from
> a security point of view.

And I am very interested to hear arguments against the logic of that
message.

Adam
-- 
Now officially an EAR violation...
Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/

print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
)]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`

References:
- negative security aspects of GAK compliance
  - From: Adam Back <[email protected]>

Prev by Date: Re: CMR paves the road to GAK, and provides no corporate security.
Next by Date: Re: the case for separate comms keys
Prev by thread: negative security aspects of GAK compliance
Next by thread: D-H Forward Secrecy for E-Mail?
Index(es):
- Date
- Thread