DTI Policy Response

[Paul Ashton]

sjmz@hplb.hpl.hp.com said that:
> brownrk1@texaco.com said:

but he didn't because I did.

> > That's interesting. So does that mean if I want to compromise X's private key,
> > I send a file encrypted by X's public key to a bad guy who is about to get
> > busted? Ok, I know I won't get the key either, but X might be unhappy
> > about having to reveal it to someone.

> Umm, not really - it would be bizarre to send a message encrypted in X's
> public key to anyone but X. No, to cause X's public key to be disclosed
> under warranted access - under a reasonable reading of the sketchy policy
> proposals - you cause a message to be sent *to* X apparently *from* a bad
> guy about to get busted. Since "from a bad guy" does not need to be
> cryptographically assured, it may suffice to perform a simple impersonation
> in the style of "telnet mxhost.for.good.guy 25\nHELO bad.guy\nMAIL FROM:
> <really.bad@mafia.org>\nRCPT TO: <good.guy>\nDATA\nSubject: Drop details\n
> \nBEGIN PGP MESSAGE ..."

Well if bad-guy is arrested and forced to disclose the contents of his files,
the cops will find a file that can only be decrypted by X. Therefore I
presume they would then either force X to reveal his key or retrieve it
from the GAK centre. Maybe missing a few Alice and Bobs here.

The gist is, if I'm in possession of a file that I can't decrypt because
I don't have the key, what can they do?

Paul