[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

No Subject




Tim May <[email protected]> writes:
> This also applies to CMR as well. Whatever the perceived business reasons
> for CMR, the fact is that it introduces additional failure points. No
> longer will Alice and Bob be secure that at least there are no "other
> readers" in the channel between them (what they do with the plaintext after
> decryption is of course solvable by no technology).

I thought that was the whole point of the PGP design.  It makes the
presence of third parties clear and visible to all participants.  This
seems to be the fundamental principle.  PGP is designed to allow Alice
and Bob to be informed if third party access is built in.  Key escrow
and re-encryption are inherently less visible forms of message access.