[2953] in cryptography@c2.net mail archive
Re: IETF building GAK into the PKI
daemon@ATHENA.MIT.EDU (Ben Cox)
Tue Jul 14 13:20:13 1998
In-Reply-To: <90036737220466@cs26.cs.auckland.ac.nz>
Date: Tue, 14 Jul 1998 09:48:47 -0400
To: cryptography@c2.net
From: Ben Cox <cox@djehuti.com>
Cc: pgut001@cs.auckland.ac.nz
I had thought this list was not for discussion of political issues, but
since this is already being discussed, I'd like to add my two cents.
Someone wrote:
> >>I realise that this is a somewhat emotional issue for most people, so
>please
> >>don't respond by flaming the people responsible for the design.
Someone else responded:
> >Even if these designers arn't flamed, it would be useful for their names to
> >be widely known (e.g., when those of us in hiring positions are considering
> >their resumes). I can't believe they weren't aware of the consequences of
> >their designs.
Peter Gutmann wrote:
> That may be taking things a bit far... I think the people who designed these
> features genuinely weren't aware of how they would end up being (mis)used
>once
> they were in place.
I know some of the people responsible for these designs, and I am quite
certain that they were aware of how they might be misused.
I (and they) realize that it is certainly a valid goal not to have
governments require key recovery features in cryptosystems. However, many
people try to attain that goal by trying to prevent (or discourage) systems
from being built which have key recovery systems built in at all.
This is a mistake.
Despite the blind assertions to the contrary which I have seen on this list
and others, there ARE legitimate business needs for key recovery.
Organizations like banks, oil companies, telecommunications companies, etc.
want key recovery. The simple reason: their employees' data belongs to
them and they want to make sure they can always get to it, even after an
employee fails the "bus test." Another: their networks belong to them, and
they want to be sure (indeed, it may be legally required of them) that they
know what is flowing over them.
The customers that want and will pay for key recovery systems make up large
portions of the world economy. There are LOTS of zeroes on those requests
for bids, and companies who end up getting those contracts are going to
build them what they want, to get a share of all those zeroes.
The people who design systems like PKIX work for the companies who are
getting those contracts (and hence, those of you "in hiring positions"
aren't likely to see their resumes any time soon). The companies they work
for (e.g., IBM) didn't get to be where they are by ignoring the
requirements of their customers, and they aren't about to start doing so
now.
In short: key recovery systems ARE being built and WILL continue to be
built, whether "cypherpunks" are happy about it or not. It is a mistake to
try to prevent or discourage these systems from being designed and
deployed. It would be much more effective to focus energies on the REAL
goal, which is to prevent or discourage governments from making key
recovery features mandatory for all crypto use.
(I will now don my asbestos suit...)
--
Ben Cox <cox@djehuti.com>
(Disclaimer: the above is my personal opinion, which
isn't endorsed by anybody else; I speak for nobody but me.)
