[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: not escrowing signature keys (Re: PGP, Inc.--What were they thinking?)
On Mon, 27 Oct 1997, Adam Back wrote:
>
> Lucky Green <[email protected]> writes:
> > On Fri, 24 Oct 1997, Adam Back wrote:
> > And if you don't use such a system, then how do you deal with future
> > versions of the software that will allow the user to swap DH keys
> > from underneath the ElGamal keys?
[Stupid typo my part. This was supposed to be "swap ElGamal keys from
under the DSA keys."]
> Interesting question even if you are using separate signature keys.
> You've got a new signature key. You want to bind your recovered EG
> keys to it. So I guess you just strip the self-certificates from the
> EG keys, and add new ones made by the new signature key. You can
> still decrypt messages, and even pgp5.0 would be able to cope with
> that (it'll try to fetch keys to check the certification on the
> signature key).
>
> Adam
> --
> Now officially an EAR violation...
> Have *you* exported RSA today? --> http://www.dcs.ex.ac.uk/~aba/rsa/
>
> print pack"C*",split/\D+/,`echo "16iII*o\U@{$/=$z;[(pop,pop,unpack"H*",<>
> )]}\EsMsKsN0[lN*1lK[d2%Sa2/d0<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<J]dsJxp"|dc`
>
-- Lucky Green <[email protected]> PGP encrypted email preferred.
"Tonga? Where the hell is Tonga? They have Cypherpunks there?"