On Wed, 27 Mar 2002, Ben Nagy wrote:

> include a mandatory ADK (additional decryption key). This ADK could then
> be installed wherever you want to do mail checking. Warning: the whole
> ADK thing is flawed, IMHO, and there has already been one implementation
> bug. You can find more information about it in various places on the

While I'll agree on the implementation problems, the idea of ADKs IMO isn't flawed. They become a necessity in some environments where the communication belongs to an entity such as a company and non-repudiation concerns mean that an individual must be accountable for the traffic (you could do it with separate (shared) encryption and (individual) signing keys in this case). The other case is things like brokerage houses where there is a regulatory requirement to monitor all "public wire traffic" including e-mail, but where you want some confidentiality of traffic.

ADKs work, and work well for "that employee left/died/did something naughty" situations. There are other ways to do things (escrow the original key, encrypt on behalf of the user...), but ADKs aren't a bad solution for the problem set.

Paul
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
[EMAIL PROTECTED]      which may have no basis whatsoever in fact."

_______________________________________________
Firewalls mailing list
[EMAIL PROTECTED]
http://lists.gnac.net/mailman/listinfo/firewalls
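The mechanism the thread is arguing about, as an added example that is not part of the thread and not PGP's own code: a message body is encrypted under a fresh session key, and that session key is wrapped once per intended recipient plus once more under the organisation's additional decryption key, so the recipient reads the mail normally while the ADK holder can still open it when "that employee left" or a regulator asks. The example assumes symmetric key-encryption keys standing in for each recipient's public key, and uses an HMAC-SHA256 counter-mode stream with encrypt-then-MAC so it runs on the Python standard library alone; both are teaching simplifications, not the real OpenPGP packet format.

```python
"""Illustrative additional-decryption-key (ADK) scheme (added example).

Assumptions: recipient public keys are replaced by per-recipient symmetric
key-encryption keys (KEKs); the cipher is HMAC-SHA256 in counter mode with
an encrypt-then-MAC tag. This is a teaching construction, not OpenPGP.
"""
import hashlib
import hmac
import secrets

KEY_LEN = 32
NONCE_LEN = 16
TAG_LEN = 32


def _subkeys(key: bytes) -> tuple[bytes, bytes]:
    """Domain-separate one key into an encryption key and a MAC key."""
    enc = hmac.new(key, b"enc", hashlib.sha256).digest()
    mac = hmac.new(key, b"mac", hashlib.sha256).digest()
    return enc, mac


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode: a PRF-based keystream."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def _seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC under `key`; returns nonce || ciphertext || tag."""
    enc_key, mac_key = _subkeys(key)
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def _open(key: bytes, blob: bytes) -> bytes:
    """Verify the tag first, then decrypt; a wrong key fails closed."""
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("authentication failed: wrong key or tampered data")
    return bytes(c ^ k for c, k in zip(ct, _keystream(enc_key, nonce, len(ct))))


def encrypt_message(plaintext: bytes, recipient_keks: dict[str, bytes], adk_kek: bytes) -> dict:
    """Wrap one session key for every recipient and, mandatorily, for the ADK."""
    session_key = secrets.token_bytes(KEY_LEN)
    slots = {name: _seal(kek, session_key) for name, kek in recipient_keks.items()}
    slots["adk"] = _seal(adk_kek, session_key)  # the additional decryption key slot
    return {"slots": slots, "body": _seal(session_key, plaintext)}


def decrypt_message(msg: dict, slot_name: str, kek: bytes) -> bytes:
    """Recover the session key from the named slot, then open the body."""
    if slot_name not in msg["slots"]:
        raise KeyError(f"no key slot for {slot_name!r}")
    session_key = _open(kek, msg["slots"][slot_name])
    return _open(session_key, msg["body"])


def demo() -> tuple[bytes, bytes, bool]:
    """Constructed scenario: Bob reads his mail, compliance reads via the ADK,
    an outsider holding an unrelated key is rejected."""
    bob_kek = secrets.token_bytes(KEY_LEN)
    corporate_adk = secrets.token_bytes(KEY_LEN)
    outsider_kek = secrets.token_bytes(KEY_LEN)
    msg = encrypt_message(b"Q3 numbers attached", {"bob": bob_kek}, corporate_adk)
    by_bob = decrypt_message(msg, "bob", bob_kek)
    by_compliance = decrypt_message(msg, "adk", corporate_adk)
    try:
        decrypt_message(msg, "bob", outsider_kek)
        outsider_blocked = False
    except ValueError:
        outsider_blocked = True
    return by_bob, by_compliance, outsider_blocked


if __name__ == "__main__":
    print(demo())
```

The point the thread's two sides share is visible in the structure: the ADK slot is just one more wrapped copy of the session key, so its security is exactly the security of whoever holds `corporate_adk`, and a client that silently adds an ADK slot a sender did not choose is the kind of implementation flaw the quoted warning refers to.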
