-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On Mar 29, 2012, at 2:48 PM, mhey...@gmail.com wrote:
> On Tue, Mar 27, 2012 at 1:17 PM, Nico Williams wrote:
>> On Tue, Mar 27, 2012 at 5:18 AM, Darren J Moffat
>>>
>>> For example an escrow system for ensuring you can decrypt data written by
>>> one of your employees on your companies devices when the employee forgets or
>>> looses their key material.
>>
>> Well, the context was specifically the U.S. government wanting key
>> escrow.
>>
> Hmm - these are not mutually exclusive.
>
> Back in the mid to late 90s, the last time the U.S. government
> required key escrow for international commerce with larger key sizes,
> they allowed key escrow systems that were controlled completely by the
> company. Specifically, they allowed Trusted Information System's
> RecoverKey product (I worked on this one, still have the shirt, and am
> not aware of any other similar products available at the time - PGP's
> came later and was more onerous to use).
>
> RecoverKey simply wrapped a session key in a corporate public key
> appended to the same session key wrapped with the user's public key.
> If the U.S. Government wanted access to the data, the only thing they
> got was the session key after supplying the key blob and a warrant to
> the corporation in question. The U.S. government even allowed us to
> sell RecoverKey internationally to corporations that kept their
> RecoverKey data recovery centers offshore but agreed to keep them in a
> friendly country.
I'd have to disagree with you on much of that.
The US Government never required key escrow for international commerce.
Encrypted data was never restricted, what was restricted was the export of
software etc. If you were of a mind where you thought that the only way to get
cryptographic software was from the US, then you'd think this might be
something like effective. In reality, the idea was absurd from the get-go
because encrypted data was never restricted.
The people who wanted to push key escrow never had a good way to explain to
anyone why they'd want it. They never had a good carrot, either, for it. At one
point, they tried to sugar-coat it by offering fast-tracks on export for it,
but Commerce granted export easily. Furthermore, Commerce's own rules
progressed so fast with so many exemptions that it was all obviated before it
could be developed.
Amusingly, I ended up having TIS's RecoverKey under my bailiwick because
Network Associates bought PGPi and then TIS. The revenues from it were so small
that I don't think they even covered marketing material like that shirt you
had. In a very real sense, it didn't exist as anything more than a
proof-of-concept that proved the concept was silly.
Also, there wasn't a PGP system. The PGP "additional decryption key" is really
what we'd call a "data leak prevention" hook today, but that term didn't exist
then. Certainly, lots of cypherpunks called it that at the time, but the
government types who were talking up the concept blasted it as merely a way to
mock (using that very word) the concept.
Jon
-BEGIN PGP SIGNATURE-
Version: PGP Universal 3.2.0 (Build 1672)
Charset: us-ascii
wj8DBQFPdOR+sTedWZOD3gYRAtc6AKD/GlvCO3/cs+xuaPTz5I0sqjfUzwCdGcw2
4PlzXeIu0dK9EqfgDQBfpLI=
=GfnU
-END PGP SIGNATURE-
___
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography