Tim May wrote:
> >are you required to provide your private keys to an enemy (e.g. someone
> >who is sueing you) ?
>
> The lawyers and lawyer larvae can comment better than I can. I
> believe the answer is "yes, documents must be in usable form by your
> ex-wife's lawyers," for example. This probably doesn't mean turning
> over a private key, but it means decrypting one's financial records,
> one's communications with a lover, etc.
I guessed so.
however, this is a perfect territory for the "selectable decryption"
we've been talking about here recently. just decrypt that love letter to
a boring business mail. or better: refuse to hand it over because it is
a business mail, THEN if ordered by the court, decrypt it to one.
> I expect 95% or more of all encryption is done at the transport
> layer, i.e., for transmission. Most peoplee, I surmise, keep their
> original compositions in unencrypted form and their decrypted
> transmissions in that form, too. The perceived threat model is for
> interception by ISPs, snoops, and government agencies.
that's where good software comes in. mutt, for example, stores the
received encrypted mail - well, encrypted. decryption is done when you
view the mail. also, encrypted mails you send are encrypted twice - once
with the receipient's key and sent to him, once with your key for your
"outbox" archive.
> It might make sense to encrypt more stuff on local computers, but I
> expect this is rare up to this point.
it won't become more if you rely on people doing it. it WILL become more
if good software just does it. the above example for mutt is, I believe,
a very good solution - if you encrypt the mail in the first place, it
would be stupid to keep a plaintext copy in the archive. on the other
hand, the one encrypted with the receipients key wouldn't help you much.
