[2951] in cryptography@c2.net mail archive
Re: IETF building GAK into the PKI
daemon@ATHENA.MIT.EDU (Eric Young)
Tue Jul 14 12:58:31 1998
Date: Tue, 14 Jul 1998 22:41:39 +1000 (EST)
From: Eric Young <eay@cryptsoft.com>
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>
cc: cryptography@c2.net, schear@lvcm.com
In-Reply-To: <90036737220466@cs26.cs.auckland.ac.nz>
On Tue, 14 Jul 1998, Peter Gutmann wrote:
> (At some point I must write up a rant about creeping key escrow, it's scary how
> many commercial products I'm seeing which are designed so that the keys will
> be generated by a central authority, with a copy sent to the user. What's
> worse is that the people who end up buying and using the products see this as
> perfectly normal, and it often takes a fair bit of explaining for them to see
> why this is a bad thing).
As Fuel for this one, Australia Post is looking at getting into the CA
busness (KeyPost). Once your identity is established they give you a
floppy with your cert and private key. Not many people seem to see any
problem with this :-(.
eric
