[3649] in cryptography@c2.net mail archive
obtaining confidentiality from authentication keys (Re: DCSB: Risk Management is Where the Money Is; Trust in Digital )
daemon@ATHENA.MIT.EDU (Adam Back)
Fri Nov 13 17:32:34 1998
Date: Fri, 13 Nov 1998 21:19:46 GMT
From: Adam Back <aba@dcs.ex.ac.uk>
To: Jeff.Hodges@stanford.edu
CC: I.Brown@cs.ucl.ac.uk, cryptography@c2.net
In-reply-to: <199811131913.LAA00798@Wind.Stanford.EDU>
(Jeff.Hodges@stanford.edu)
Jeff.Hodges writes:
> quick semi-newbie question..
>
> I.Brown@cs.ucl.ac.uk said:
> > But if a certified public key can be used for encryption and not just
> > signature verification, the corresponding private key must be
> > escrowed, and available to law enforcement within an hour of a
> > warrant being presented to the CA. Cue mass switch from RSA to DSA...
>
> ..what precisely underlying-technology-wise would motivate the "mass switch
> from RSA to DSA"?
Nothing. The switch in this case would be a political motivation --
the DSA can't be used (directly) for encryption.
> quick acronym verifications..
>
> DTI ::= ?
UK government body, DTI = Department of Trade and Industry, DTI is
supposed to represent the interests of business. Clearly it is not in
this case because it is the chief visible sponsor of GAK / TTP /
key-escrow attempts in the UK. DTI recently won a privacy
international "prize" for UK government agency inflicting most damage
to freedom to use non-GAKked crypto.
> OFTEL ::= ?
In the UK telecommunications is still regulated during a switch over
phase from monopoly where BT (British Telecom) were the only provider,
to ensure fair play so that competition gets a chance to catch up.
OFTEL is the regulator.
Adam
