UK crypto policy announcement today at 3:30pm
Nicholas Bohm
nbohm at ernest.net
Mon, 27 Apr 1998 19:56:40 +0100
At 18:56 27/04/1998 +0100, Tim Stammers wrote:
>DTI has issued 3 page press release and six page detail document. Try Press
>office on 0171 215 5961 for copies. Says voluntarily licenced CA's will
>offer 'presumption of legal recognition' of signatures AND....(much later
>in detail) 'licenced service providers will be required to make recovery of
>keys possible through suitable storage arrangements.'
>
>Is this escrow by the back door?
Yes, if the following illusory risks get hyped enough:
using keys without the certificate of a licensed CA;
failing to use a licensed key-recovery service.
>How many commercially-used encryption packages use the same key for signing
>and encrypting? (or is this unimportant?)
It could be very important: PGP and similar systems are just the ones
which could get caught up in effectively mandatory escrow.
Regards,
Nicholas Bohm
Salkyns, Great Canfield,
Takeley, Bishop's Stortford CM22 6SX, UK
Phone 01279 870285 (+44 1279 870285)
Fax 01279 870215 (+44 1279 870215)
Mobile 0860 636749 (+44 860 636749)
PGP RSA 1024 bit public key ID: 0x08340015. Fingerprint:
9E 15 FB 2A 54 96 24 37 98 A2 E0 D1 34 13 48 07
PGP DSS/DH 1024/3072 public key ID: 0x899DD7FF. Fingerprint:
5248 1320 B42E 84FC 1E8B A9E6 0912 AE66 899D D7FF