Steven M. Bellovin wrote:
Ah -- corporate key escrow.  An overt back door for Little Brother, rather
than a covert one for Big Brother....

the key escrow meetings attempted to differentiate between keys used for authentication and keys used for securing corporate data (I only went to a couple of the meetings). the case of key escrow as part of securing corporate data was similar to business processes for backing up corporate data, disaster recovery, and no single point of failure. in fact, escrow of authentication keys was equally a violation of business standards as not having escrow of encryption keys.

there was cross-over from backup infrastructure and the transition from all corporate data residing in hardened datacenters to individual desktops ... where the they were finding critical corporate data being managed and maintained w/o adequate backup and recovery capabilities.

the point of key escrow as part of infrastructure securing corporate data ... was that the data belonged to the corporation ... and loss of keys could be equivalent to losing the data ... and as such, was as negligent as not backing up critical corporate data and not having a disaster/recovery plan.

there was some backup related study that claimed half of the corporations that had a disk failure (where the disk was not being backed up) containing critical corporate data ... filed for bankruptcy withing 30 days of the failure. i assumed that "critical" was stuff like account-billable files ... loosing a month worth of customer account billing information could create a real dent on the corporation's cash flow. one incident involved a corporation that lost something like $50m in monthly billings.

it wasn't suppose to be a back door to anything ... anymore than having copies of all corporate files on corporate backup tapes (however, the corporate backup tapes wouldn't be worth a lot if all the data has been secured with encryption ... and the encryption keys are lost).

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to