[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PGP, Inc.--What were they thinking?

To: Adam Back <[email protected]>
Subject: Re: PGP, Inc.--What were they thinking?
From: Lucky Green <[email protected]>
Date: Mon, 27 Oct 1997 08:26:36 +0100 (CET)
cc: [email protected]
In-Reply-To: <[email protected]>
Sender: [email protected]

On Fri, 24 Oct 1997, Adam Back wrote:
> 
> If this is the case, I reckon it's still better to just escrow their
> comms keys locally.  Put them all in the company safe, whatever.  To
> go with this kind of a company with this kind of policy, I would
> presume that sending or receiving super-encrypted messages would would
> be a sackable offense.

Adam,
How does your system prevent the employer  from fabricating forged
signatures in a PK system that uses the same key for signing and
decrypting? And if you don't use such a system, then how do you deal with
future versions of the software that will allow the user to swap DH keys
from underneath the ElGamal keys?

Thanks,

-- Lucky Green <[email protected]> PGP encrypted email preferred.
   "Tonga? Where the hell is Tonga? They have Cypherpunks there?"

Follow-Ups:
- not escrowing signature keys (Re: PGP, Inc.--What were they thinking?)
  - From: Adam Back <[email protected]>

References:
- Re: PGP, Inc.--What were they thinking?
  - From: Adam Back <[email protected]>

Prev by Date: Re: cryptographic anecdotes
Next by Date: Re: cryptographic anecdotes -- GPS and
Prev by thread: Re: PGP, Inc.--What were they thinking?
Next by thread: not escrowing signature keys (Re: PGP, Inc.--What were they thinking?)
Index(es):
- Date
- Thread