Re: comments on PGP *5*
In article <19980913232759.A23249@earthlink.net>,
email@example.com (Joseph Carter) writes:
> PGP v5 supports key escrow and it can be used without your knowledge or
> consent with v5.x, though it can only be specifically enabled in 5.5+ I
IIRC PGP5 can be configured, by your sysadmin, to automatically encrypt
a outgoing message session key with a "corporate public-key" in addition
to the recipient's public-key. And that PGP5 can be configured to refuse
to decrypt messages when the session key was not encrypted with the
"corporate public-key". As I understand it this NOT key-escrow.
AFAIK PGP5 does not provide a mechanism to force you to send a copy of
your private key to an "Offical Key Escrow Authority". And that the
"key-recovery" feature has no effect on users of "PGP For Personal
Provacy" (the non-corporate version).
Please correct me if I am wrong...
||k || Steve Kostecke | Debian GNU/Linux
||__|| firstname.lastname@example.org | The Open Source(R) Operating System
|/__\| http://kostecke.home.ml.org | http://www.debian.org