[682] in cryptography@c2.net mail archive
Re: Full Strength Stronghold 2.0 Released Worldwide
daemon@ATHENA.MIT.EDU (Tom Weinstein)
Mon May 5 12:21:38 1997
Date: Sun, 04 May 1997 23:33:38 -0700
From: Tom Weinstein <tomw@netscape.com>
To: Bill Frantz <frantz@netcom.com>
CC: cryptography@c2.net
Bill Frantz wrote:
>
> At 10:08 PM -0700 5/4/97, Tom Weinstein wrote:
>> Just for a little more clarification, what we're proposing to do is
>> provide corporate key recovery in which keys will be escrowed by
>> the corporation, not by a government agency.
>>
>> We're not doing this in exchange for permission to export stronger
>> crypto, but because our customers have required it of us. It's not
>> acceptable to most people for the loss of their password to mean that
>> they can't ever read any of their old mail again.
>
> Tom - I, and I suspect others, would appreciate knowing exactly which
> keys are covered by this customer requirement. I see Netscape dealing
> with the following keys:
>
> * Long term SSL signature key.
> * SSL session key.
> * Are there any others???
>
> I agree it would be a drag to lose your SSL signature key, considering
> what a VeriSign cert costs and possible lost business etc. On the
> other hand, the SSL session keys cover only communication. Since web
> servers don't normally save the cypher text of SSL sessions, there is
> little reason to save the keys.
First of all, we aren't doing anything yet. This is just vaporware
at the moment.
Secondly, I don't think signature keys should ever be escrowed. We do
have a way to import and export keys and certs in 4.0, so you could use
that yourself if you wanted to save them on a floppy, or something.
Otherwise, the best way to recover from a lost signature key is to get a
new cert issued with a new key.
Finally, what should be recoverable (assuming RSA keys) are email
encryption keys and server SSL keys. Since client SSL keys are only
used for signatures, there's no reason to escrow them.
I'm not real big on escrowing session keys, and we don't have any plans
for that.
--
You should only break rules of style if you can | Tom Weinstein
coherently explain what you gain by so doing. | tomw@netscape.com
