PGP "master keys"
Anne & Lynn Wheeler
lynn at garlic.com
Fri Apr 28 10:17:46 EDT 2006
Steven M. Bellovin wrote:
> Ah -- corporate key escrow. An overt back door for Little Brother, rather
> than a covert one for Big Brother....
the key escrow meetings attempted to differentiate between keys used for
authentication and keys used for securing corporate data (I only went to
a couple of the meetings). the case of key escrow as part of
securing corporate data was similar to business processes for backing up
corporate data, disaster recovery, and no single point of failure. in
fact, escrow of authentication keys was equally a violation of business
standards as not having escrow of encryption keys.
there was cross-over from backup infrastructure and the transition from
all corporate data residing in hardened datacenters to individual
desktops ... where the they were finding critical corporate data being
managed and maintained w/o adequate backup and recovery capabilities.
the point of key escrow as part of infrastructure securing corporate
data ... was that the data belonged to the corporation ... and loss of
keys could be equivalent to losing the data ... and as such, was as
negligent as not backing up critical corporate data and not having a
disaster/recovery plan.
there was some backup related study that claimed half of the
corporations that had a disk failure (where the disk was not being
backed up) containing critical corporate data ... filed for bankruptcy
withing 30 days of the failure. i assumed that "critical" was stuff like
account-billable files ... loosing a month worth of customer account
billing information could create a real dent on the corporation's cash
flow. one incident involved a corporation that lost something like $50m
in monthly billings.
it wasn't suppose to be a back door to anything ... anymore than having
copies of all corporate files on corporate backup tapes (however, the
corporate backup tapes wouldn't be worth a lot if all the data has been
secured with encryption ... and the encryption keys are lost).
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list