[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: German Key Usage

To: Simonetti David <simonetti_david@xxxxxxx>, "Eugene C. (Gene) Williams " <williams@xxxxxxxxxxxxxxxxxxxxx>, Tony Bartoletti <azb@xxxxxxxx>
Subject: RE: German Key Usage
From: "Friedrichs, Paul" <friedrip@xxxxxxxxxxxx>
Date: Mon, 17 Aug 1998 15:27:00 -0400
Cc: "cert-talk@xxxxxxxxxxxxxxxxxx " <cert-talk@xxxxxxxxxxxxxxxxxx>, "ietf-pkix@xxxxxxx " <ietf-pkix@xxxxxxx>, "blake.greenlee@xxxxxxxxxxxx " <blake.greenlee@xxxxxxxxxxxx>, "hans.nilsson@xxxxxxxx " <hans.nilsson@xxxxxxxx>, "stefan@xxxxxxxxxxx " <stefan@xxxxxxxxxxx>, "lars.gu.johansson@xxxxxxxxx " <lars.gu.johansson@xxxxxxxxx>
Sender: owner-ietf-pkix@xxxxxxx

     
     It has become 
     
     a habit, 
     
     or "mantra" 
     
or "Security 101"

or ...... a religion?
     
     that the only justification for key-escrow applies to 
     data-encryption usage, and never to dig-sig.
     
     I fear we will now be assaulted with "its ok to have DS-keys 
     escrowed, as long as the NR-bit is not set."  
     
     This would be stepping on a very slippery slope.
     
     The DS/NR separation tends to weaken key-escrow's cage.
     
Not if we don't let it. Germany has very strict laws protecting 
individuals' privacy. I don't think they'll slide.

I'm not an advocate of key escrow. I don't even disagree with 
the above assertion. But we should strive to drive technology 
with more than habits and mantras.

Paul

Follow-Ups:
- Re: German Key Usage
  - From: Andreas Berger

Prev by Date: RE: German Key Usage
Next by Date: RE: German Key Usage
Previous by thread: RE: German Key Usage
Next by thread: Re: German Key Usage
Index(es):
- Date
- Thread