[Cryptography] Help please, considering design of personal CA for PPE

Phillip Hallam-Baker phill at hallambaker.com
Tue Jun 24 00:02:51 EDT 2014


On Mon, Jun 23, 2014 at 8:49 PM, John Kelsey <crypto.jmk at gmail.com> wrote:

> There's a really fundamental problem somewhere in here.  People forget
> stuff.  They get old.  They die.  They get Alzheimer's.  They go crazy.
>  They disappear at sea.
>
> And then, you need to decide who gets their information, or access to
> their accounts, or whatever.  Strong crypto gives us the means to decide
> who will have that access, but the simplest solution is nobody--once your
> password is not available, nobody can guess it, so nobody gets access to
> your encrypted drive.  Another simple solution is to define one TTP as an
> escrow agent, and let him decide who gets access.  And then, there's an
> incentive for all kinds of people to parasitize that system--policemen and
> spies looking to listen in on people (with or without tiresome hearings and
> warrants), lawyers (or their well-funded employers) wanting to do
> discovery, companies with effective lobbyists who want to get the rules for
> who gets access set up for their benefit, etc.
>
> And yet, you ultimately need some kind of human judgment there.  A court
> that can declare me dead and give my wife and kids access to my encrypted
> data (or my account passwords) is also a court that can silently give the
> cops access to my encrypted data.
>
> The current solution is that probably the NSA can access a lot of my
> encrypted data and can probably get access to any account I have in the US,
> but my family won't be able to get to it if I'm dead or incapacitated.
>
> I suspect that the best that can be done here is to create a TTP (or
> network of TTPs) with the ability to grant some kind of escrow access, and
> force it to act in a public way.  But since probably every government in
> the world will instantly want to subvert that system, it's hard to see
> anyone trusting it much.
>

I have thought quite a bit about that scenario having had to deal with it
clearing up estates. There are secrets that might want to be divulged after
I am gone (details of all my bank accounts, the apartments where I keep my
mistresses, etc.). And there is information that I want to be destroyed.

One thing I learned from the Web is that it takes people time to get used
to the technology. We had blogs with comment forms in 1994. They didn't
really take off till 2000+. Same thing with social networking: there were
dozens of failed attempts before Facebook.

Only some of this is people coming up with the right idea. A big part is
that people had to get used to hyperlinks and forms before they could move
on. Web 2.0 was really about rebranding what Web 1.0 was meant to be about
all along.

In the short term probably what we need to do is impress on people that
fear of a warrant is probably less important for most people than losing
their entire life's digital history, photos, documents, etc.

But for those of us who have had Anna Chapman attend seminars with us...