[2973] in cryptography@c2.net mail archive
Re: IETF building GAK into the PKI
daemon@ATHENA.MIT.EDU (P.J. Ponder)
Thu Jul 16 00:59:47 1998
Date: Wed, 15 Jul 1998 21:54:58 -0400 (EDT)
From: "P.J. Ponder" <ponder@mail.irm.state.fl.us>
To: Steve Bellovin <smb@research.att.com>
Cc: Vin McLellan <vin@shore.net>, Carl Ellison <cme@acm.org>,
cryptography@c2.net
In-Reply-To: <199807151912.PAA19690@postal.research.att.com>
On Wed, 15 Jul 1998, Steve Bellovin wrote:
> In message <Pine.LNX.3.96.980715142659.136G-100000@mail.irm.state.fl.us>, "P.J.
> Ponder" writes:
> >
> > The part here that concerns me is 'employee's personal key'. If it is
> > company data, why would it not be stored with a corporate key, or the
> > 'employee's corporate key'. Company policy should not permit storage of
> > company data with personal keys.
>
> "Personal" key? No, not in the sense of "a key owned by that
> individual". But in the sense of "a company key known only to
> a few individuals, possibly one" -- yes, that's exactly what's
> meant. Nothing else scales.
>
> Consider -- my company has more that 100,000 employees. Should we
> all share the same key? Should we all share it given all the risks
> of insider attacks?
I took the term 'employee's personal key' to mean just that, a personal
key. I think what was meant was more like an 'employee's corporate key'.
Not meaning to infer that there is one key for the corporation, but rather
to imply a key used by an individual on behalf of a comapnay, or in the
line of business, or as part of duties associated with the company. That
is what I would refer to as a 'corporate key'.
I would use the term 'personal key' to mean a personal key known only to
the individual for use in his or her personal capacity, not as an agent or
employee. We should have some way of distinguishing keys by ownership and
control for employees acting in their individual versus corporate
capacities. The distinction is important to employees and employers, and
we don't want to cause confusion about corporate employees being forced to
divulge 'personal' keys when we are only talking about 'corporate keys
assigned to individuals'.
--
pj
