[806] in cryptography@c2.net mail archive
Re: CACK without GAK
daemon@ATHENA.MIT.EDU (Carl Ellison)
Mon May 12 13:37:01 1997
Date: Sun, 11 May 1997 05:26:15 -0400
To: jamesd@echeque.com
From: Carl Ellison <cme@cybercash.com>
Cc: Tom Weinstein <tomw@netscape.com>, Matt Blaze <mab@crypto.com>,
cryptography@c2.net
In-Reply-To: <199705101501.IAA14682@proxy3.ba.best.com>
At 08:00 PM 5/9/97 +0800, jamesd@echeque.com wrote:
>An encryption key will have a name like "Accounts receivable, MegaCorp",
>and will be known to more than one member of the corporation,
>probably to the keymaster, the CEO, and possibly more than one
>person in accounts receivable. The private key will be a corporate
>secret, but not an individual secret.
As long as the key identification clearly indicates that this is a corporate
key rather than an individual's, I think you have a wonderfully ethical and
logical solution to the corporate access problem.
+------------------------------------------------------------------+
|Carl M. Ellison cme@cybercash.com http://www.clark.net/pub/cme |
|CyberCash, Inc. http://www.cybercash.com/ |
|207 Grindall Street PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103 T:(410) 727-4288 F:(410)727-4293 |
+------------------------------------------------------------------+
