The suggestion that government need key escrow or recover to defend us against terrorist or criminals is clearly rubbish.
I think if I were engaged in criminal or terrorist actives I might just not be all that bothered about being done for failing to log my private key with a TTP. I might just feel that it was less risky not to give them my key than to let them read where my next ton of semtex was landing.
The requirement for key escrow is driven by our security services paranoia about not being able to intercept legitimate communication between citizens if it wants to. It been able to intercept the mail, telephone and fax for as long as these facilities have existed and it can't bear the thought that email might be closed to it.
-------------------------------------------------------------------------------------------------
Ewan Davis
AAH Meditel - Voice +44 (1) 527 579414 Fax +44(1)527 837287
Email [log in to unmask] also at [log in to unmask]
-----Original Message-----
From: John Williams [SMTP:[log in to unmask]]
Sent: 27 April 1998 23:56
To: gp-uk
Subject: DTI cryptography - a "not iminent" announcement
Snip
but it looks horribly as if
they support much of what was in the original DTI proposals about key
escrow and licensing of Trusted Third Parties. Law enforcement officers
will in some circumstances be able to demand private keys to decrypt
confidential information and there is no mention of any exceptions.
This is as yet obviously some way from legislation but it shows what the
government is thinking. All done on the quiet - I wonder why. Text can
be found at:
http://www.cl.cam.ac.uk/ftp/users/rja14/dti1
and
http://www.cl.cam.ac.uk/ftp/users/rja14/dti2
--
John Williams
Email: [log in to unmask]
Fax: 01483 440928
|