At 02:00 PM 7/26/2004, Richard Levitte - VMS Whacker wrote:
That's all and well, but I can't see why that would be interesting to
a generic, third-party CA.  If you're talking about a CA within the
same corporation, then I can understand, since they usually (as far as
I can guess) work from a different standpoint and with different

What you describe feels to me like encryption is ill understood and
placed in the hands of random individuals.  If you want safety and
recoverability, there's nothing like one or several backups, maybe
protected with different means (different encryption, different
storage media (including vaults), different keys, and so on).

I believe there was at least one large institutional effort where keys were generated, escrowed and loaded into hardware tokens and distributed. the persons were expected to use the hardware tokens for both authentication and encryption. if the hardware token failed (like if the battery died), they could get a new hardware token issued with the same keys.

the obviously needed the original keys if they had used the hardware
token for encryption (of data that turned out to be laying around

however, it wasn't necessary to have escrowed keys for authentication,
simply issuing a new hardware tokens with new (authentication) keys
would have been sufficient (and reregistering the new public key).

here is an issue where, if they're using hardware tokens for key protection ...
they really need to distinguish between encryption keys and authentication
keys .... either a single hardware token with two different sets of keys ...
and the token knows how to consistently differentiate their use between
encryption and authentication ... or two different hardware tokens ...
consistently used for the different (business) purposes.

there is a side issue with institutional delivered hardware tokens ...
and if they were to replace existing shared-secret pins/passwords ...
where a person might have a hundred unique shared-secrets for
their various electronic relationships .... and potentially be issued
at least one hardware token to be used in lieu of every pin/password
... and potentially a second hardware token for encryption only
purposes (say in dongle form ... a key chain with 100-120 or dongles
... in need of medium sized ruck sack just to lug them around).

Anne & Lynn Wheeler

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to