[Cryptography] Escrowing keys

Phillip Hallam-Baker phill at hallambaker.com
Fri May 5 23:54:30 EDT 2017

On Fri, May 5, 2017 at 4:37 PM, Tom Mitchell <mitch at niftyegg.com> wrote:

> As a minimum a contractual obligation to notify the disclosure inside
> of 24 hours
> any delivery of the key if so mandated by law needs to be part of any EULA.
> As a result the warrant must void the contract that is a foundation of the
> entire business.

​It would not work because the courts will just say that the law nullifies
the contract terms and if you are sued in another country, that is your
funeral. ​

​People have ended up going to jail because they were in a situation where
they would break US or Swiss law. The courts have no sympathy. You cannot
use the law to evade the law.

On the hardware issue, I still don't understand if people are even
disputing my proposal. I suggest the following as a logical extension of
Jon Postel's proposal.

Design your hardware to last 20 years.
Design your system assuming some will die after 20 minutes, 20 days, 20

​I design protocols. If people ​think they can engineer perfect electronic
hardware, more power to them. I will still design assuming a non trivial
failure rate. Applying Murphy's law, we should design the system assuming
any single electronic device might fail.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20170505/d6c83c5d/attachment.html>

More information about the cryptography mailing list