`Newsgroups: alt.nettime`

	previous	workgroup	thread	next

Subject: <nettime> rumours on PGP 5.5 From: mail@mail.thing.at (mail) Date: 18 Oct 1997 18:56:19 +0100 * * * * * To: nettime-l@Desk.nl Date: Sat, 18 Oct 1997 17:11:37 +0100 (MET) From: Michael Langer <mila@pr-langer.K.eunet.de> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-nettime-l@Desk.nl Precedence: bulk >From: fiff@fiff.GUN.de >Date: Thu, 16 Oct 97 17:10:45 PDT > >PGP Inc.'s timing was very unfortunate, and I've told them so in rather >heated language. But the PGP 5.5 corporate message recovery features are >*not* key escrow or key recovery or trusted third party, and don't have >anything to do with these concepts. They are a forced Cc to a corporate >key. There is no back door, not escrow of user keys, no skeleton key, no >repository of anything. It's a far more direct form of snooping, quite >frankly - a form that Congress would not dare try to mandate. That would >be the direct analog of making it illegal to make a phone call without >getting an FBI agent on the line first. PGP's CMR features are an extreme >specialty measure for high-security or mission-critical corporate >circumstances of a particular kind, nothing more. The intallation for PGP >5.5 Corporate Edition even warns against using these features unless >various extreme extra security measures are taken, since the CMR process >introduces new security problems. It's a solution that certain does not >scale very well at all. > >If congressfolks and anyone else who can make a difference are confusing >this with industry adoption of key escrow they are completely and totally >wrong and need to be corrected immediately. And in the case of any >Administration people trying to confuse them, they need to be corrected >publicly and with no mercy. > > >-- >Stanton McCandlish mech@eff.org >Electronic Frontier Foundation Program Director >http://www.eff.org/~mech +1 415 436 9333 x105 (v), +1 415 436 9333 (f) --- # distributed via nettime-l : no commercial use without permission # <nettime> is a closed moderated mailinglist for net criticism, # collaborative text filtering and cultural politics of the nets # more info: majordomo@icf.de and "info nettime" in the msg body # URL: http://www.desk.nl/~nettime/ contact: nettime-owner@icf.de