[2963] in cryptography@c2.net mail archive

Re: IETF building GAK into the PKI

daemon@ATHENA.MIT.EDU (Steve Bellovin)
Tue Jul 14 18:09:51 1998

To: Carl Ellison <cme@acm.org>
cc: Adam Back <aba@dcs.ex.ac.uk>, perry@piermont.com, cox@djehuti.com,
        cryptography@c2.net, pgut001@cs.auckland.ac.nz
Date: Tue, 14 Jul 1998 17:32:59 -0400
From: Steve Bellovin <smb@research.att.com>

In message <3.0.3.32.19980714171640.03262158@pop3.clark.net>, Carl Ellison writes:
> -----BEGIN PGP SIGNED MESSAGE-----
> 
> At 08:55 PM 7/14/98 +0100, Adam Back wrote:
> >Now the purported problem that people who propose GAK enabling
> >solutions throw up is that for the special case of email, that email
> >is both storage and communication.  
> >
> >I consider this inaccurate: email in transit is communication, and
> >email in mail archives is storage.  The 11 cryptographers report fails
> >to make this distinction, which I think it would have been useful to
> >make.
> 
> I would love to see mailers (anyone from Qualcomm or Netscape listening?) 
> keep mail archives enciphered under one or more storage keys.  Symmetric 
> crypto is fine for that.  PGP mail can have the signature left attached to 
> the cleartext (all enciphered under the storage key).
> 
> This would not only keep my aggregation of data private and useless to a 
> thief, but would separate the two issues.

Another way to do that would be to use proxy cryptography, per
the Blaze&Strauss paper.