
Re: comments on PGP *5*

Joseph Carter writes:
> On Sun, Sep 13, 1998 at 10:45:02PM -0400, Steve Kostecke wrote:
>> [snip]
>> > PGP v5 supports key escrow and it can be used without your knowledge or
>> > consent with v5.x, though it can only be specifically enabled in 5.5+ I
>> [snip]
>> IIRC PGP5 can be configured, by your sysadmin, to automatically encrypt
>> an outgoing message session key with a "corporate public-key" in addition
>> to the recipient's public-key. And that PGP5 can be configured to refuse
>> to decrypt messages when the session key was not encrypted with the
>> "corporate public-key". As I understand it this is NOT key-escrow.
>> AFAIK PGP5 does not provide a mechanism to force you to send a copy of
>> your private key to an "Official Key Escrow Authority". And that the
>> "key-recovery" feature has no effect on users of "PGP For Personal
>> Privacy" (the non-corporate version).
>> Please correct me if I am wrong...

> I believe you are, but I haven't got (nor do I want) a windoze box to test
> it.

He isn't wrong about the escrow.  Nobody gets your key.  What happens is 
that your business key also gets the corporate key added on to it.  So
when someone encrypts to your business key, they're also encrypting to
the corporation.  This is not key escrow.

> The problem you outline still allows your employer (or anyone with access to
> the corporate private key, whether authorized or not--do you trust your
> pointy-hair's security methods and pass{words,phrases}?) to view any mail
> encrypted to you.

This is true.  This is why you don't want to use the commercial version
of PGP for personal mail, because only the commercial version does this.
If you're trying to receive private email at work (and that's okay with
your employer), then just generate two separate keys--one with the
commercial version, and one with the personal version.

> Essentially it circumvents the security provided by PGP.

No, it allows your company to take reasonable steps toward accessing
corporate data.  You wouldn't object to the company giving you a safe to 
keep the aircraft designs locked in if they wanted to have the
combination, would you?  The safe is provided for company use only.  If
you want your own safe, nobody's stopping you from going out to Wal-Mart
and buying one, and then you don't have to share the combination with
anyone.  This is exactly what the situation is with PGP.

Neale Pickett, propellerhead       Contact information in headers
Los Alamos National Laboratory, Network Engineering Group (CIC-5)
