[2943] in cryptography@c2.net mail archive
Re: IETF building GAK into the PKI
daemon@ATHENA.MIT.EDU (Steve Schear)
Mon Jul 13 12:02:28 1998
In-Reply-To: <90025814905219@cs26.cs.auckland.ac.nz>
Date: Mon, 13 Jul 1998 08:17:41 -0700
To: pgut001@cs.auckland.ac.nz
From: Steve Schear <schear@lvcm.com>
Cc: cryptography@c2.net
>Summary, and a plea for reasoned debate
>---------------------------------------
>
>Unlike the PGP CMR field, which was seen as a potential future problem, the
>PKI draft is not just a future problem but one which has already arrived.
>The
>UK plan demonstrates how governments will turn the PKI into a CKI, whether
>its
>designers intended it for this use or not.
>
>I realise that this is a somewhat emotional issue for most people, so please
>don't respond by flaming the people responsible for the design.
Even if these designers arn't flamed, it would be useful for their names to
be widely known (e.g., when those of us in hiring positions are considering
their resumes). I can't believe they weren't aware of the consequences of
their designs.
>I'm posting
>this message to bring it to peoples attention since it seems to have slipped
>by unnoticed until now, but I don't want to start a war over it.
>
>One possible resolution to the problem is to remove the key
>recovery/proto-GAK
>portions from the standard but allow a hole for user-defined additional
>messaging, as PGP Inc. did by making the former CMR field a reserved field.
>That way if anyone really wants "key recovery" they can add it themselves
>without making it a part of the PKI architecture.
Excellent cybersnooping. How do we gather up enough of a concensus to
affect the outcome?
--Steve
---------------------------------------------------------------------
reply to schear - at - lvcm - dot - com ---
PGP mail preferred, see http://www.pgp.com and
http://web.mit.edu/network/pgp.html
RSA fingerprint: FE90 1A95 9DEA 8D61 812E CCA9 A44A FBA9
RSA key: http://keys.pgp.com:11371/pks/lookup?op=index&search=0x55C78B0D
---------------------------------------------------------------------
