[2959] in cryptography@c2.net mail archive
Re: IETF building GAK into the PKI
daemon@ATHENA.MIT.EDU (Steve Bellovin)
Tue Jul 14 16:37:36 1998
To: perry@piermont.com
cc: Ben Cox <cox@djehuti.com>, cryptography@c2.net, pgut001@cs.auckland.ac.nz
Date: Tue, 14 Jul 1998 14:53:42 -0400
From: Steve Bellovin <smb@research.att.com>
In message <199807141756.NAA03524@jekyll.piermont.com>, "Perry E. Metzger" writ
es:
> > Organizations like banks, oil companies, telecommunications companies, etc.
> > want key recovery.
>
> They want key recovery for DATA. Not for interactive communication.
Perry, I keep seeing stories in the Wall Street Journal about
brokerage firms -- in an attempt to comply with their perception of
SEC regulations -- monitoring employee email via assorted automated
systems. Might they be customers for communications key access?
>
> PKIX is a public key infrastructure. Public keys are used for
> interactive communication -- very rarely, if ever, are they used for
> things like data storage. The result of this is that GAK is worthless
> to any business in its public key infrastructure. Only the government
> wants it. There is no legitimate business function here.
There's always email...
