"Steven M. Bellovin" wrote:
>
> In message <[EMAIL PROTECTED]>, Damien
> Miller writes:
> >On Fri, 7 Jul 2000, Bill Stewart wrote:
> >
> >> The current UK effort is why we also need "Perfect Forward Secrecy
> >> In Everything"; it's hard to force someone to turn over their
> >> decryption keys when their equipment doesn't store them past a
> >> session, and it's easier to argue that you shouldn't be required to
> >> turn over a signature key that can only be used for forgery than a
> >> decryption key which could reveal past session keys.
> >
> >IANAL but wouldn't the UK's proposed legislation make software that
> >won't provide access to all keys implicitly illegal?
>
> "Implicit" rarely counts in law -- at least in the U.S., and most
> likely in the U.K., given the common foundations of the legal systems.
> What matters is what the statute says. If it says "you must turn over
> any keys you possess, upon proper demand", there's no problem. If it
> says "if you use encryption, you must be able to turn over the keys",
> you might have a problem. And if it says "you must keep track of all
> keys you use" -- well, yes, that does seem to rule out perfect forward
> secrecy...
There's no requirement in RIP to keep track of keys, you are merely(?)
required to hand over keys you have kept.
Ian Brown, Adam Back and I are in the process of writing an I-D for
perfect forward secrecy in OpenPGP, if people are interested in
commenting: http://www.cs.ucl.ac.uk/staff/I.Brown/openpgp-pfs.txt.
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html
Coming to ApacheCon Europe 2000? http://apachecon.com/
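The property Bill Stewart is invoking above (equipment that keeps nothing past the session which could decrypt that session) is easiest to see next to its opposite, so here is an added illustration in Go. It is not part of the thread and is not the design of the openpgp-pfs draft. It uses X25519 and AES-256-GCM from Go's standard library; those primitives, the KDF label, the function names, and the assumption that the recipient's one-shot public key has already reached the sender are all choices made for this example, not anything the I-D specifies. Run(msg, true) models the usual long-lived decryption key, which a later demand for kept keys (CompelledDecrypt) can use to open the old message; Run(msg, false) models a one-shot key dropped as soon as the message is read, so the same demand finds nothing that opens the recorded transcript.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// Transcript is what outlives the session: what a wiretap records or a later
// seizure of stored mail turns up. It holds no private key material.
type Transcript struct {
	SenderPub  []byte // sender's one-shot X25519 public key
	Nonce      []byte
	Ciphertext []byte
}

// Retained is what the recipient still holds afterwards: the keys that a
// demand for "keys you have kept" can reach.
type Retained []*ecdh.PrivateKey

// aeadFor turns an X25519 agreement into AES-256-GCM. The KDF label is a
// placeholder for this example; a real protocol binds a proper KDF to the transcript.
func aeadFor(priv *ecdh.PrivateKey, peerPub []byte) (cipher.AEAD, error) {
	pub, err := ecdh.X25519().NewPublicKey(peerPub)
	if err != nil {
		return nil, err
	}
	shared, err := priv.ECDH(pub)
	if err != nil {
		return nil, err
	}
	key := sha256.Sum256(append([]byte("pfs-demo v1"), shared...))
	block, err := aes.NewCipher(key[:])
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Exchange encrypts msg under a fresh sender key to recipientPriv and has the
// recipient read it during the session. Whether recipientPriv is long-lived or
// one-shot is the caller's choice, and is the only difference between the modes in Run.
func Exchange(recipientPriv *ecdh.PrivateKey, msg []byte) (Transcript, []byte, error) {
	senderPriv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return Transcript{}, nil, err
	}
	g, err := aeadFor(senderPriv, recipientPriv.PublicKey().Bytes())
	if err != nil {
		return Transcript{}, nil, err
	}
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return Transcript{}, nil, err
	}
	t := Transcript{senderPriv.PublicKey().Bytes(), nonce, g.Seal(nil, nonce, msg, nil)}
	plain, err := decryptWith(recipientPriv, t) // the recipient reads it now
	return t, plain, err
}

func decryptWith(priv *ecdh.PrivateKey, t Transcript) ([]byte, error) {
	g, err := aeadFor(priv, t.SenderPub)
	if err != nil {
		return nil, err
	}
	return g.Open(nil, t.Nonce, t.Ciphertext, nil)
}

// CompelledDecrypt models a later demand for keys: everything the recipient
// kept is tried against the recorded transcript.
func CompelledDecrypt(kept Retained, t Transcript) ([]byte, error) {
	for _, k := range kept {
		if plain, err := decryptWith(k, t); err == nil {
			return plain, nil
		}
	}
	return nil, errors.New("no retained key opens this message")
}

// Run encrypts msg to a freshly generated recipient key and returns the
// transcript, what the recipient retains afterwards, and what it read in session.
// keepKey=true is the usual long-lived decryption key; keepKey=false is a one-shot
// key (assumed already delivered to the sender) dropped once the message is read.
func Run(msg []byte, keepKey bool) (Transcript, Retained, []byte, error) {
	recipientPriv, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		return Transcript{}, nil, nil, err
	}
	t, plain, err := Exchange(recipientPriv, msg)
	if keepKey {
		return t, Retained{recipientPriv}, plain, err
	}
	// A real implementation zeroes the private scalar's buffer before this return.
	return t, Retained{}, plain, err
}
```

The recorded Transcript is identical in both modes; the only thing that changes is what the recipient is still holding when the demand arrives, which is exactly the distinction Bellovin draws between a statute that reaches keys you possess and one that requires you to keep them.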