DTI Policy Response

Carl Ellison cme at cybercash.com
Wed, 29 Apr 1998 14:01:57 -0400 

-----BEGIN PGP SIGNED MESSAGE-----

At 09:06 AM 4/29/98 +0100, Dr John Leach wrote:
>At 14:58 28/04/98 +0100, Nicholas Bohm wrote:
>>It is also not clear whether a provider of a certificate for a PGP
>>key is "facilitating encryption services" (Statement, para 12)
>
>I think it is fairly clear that it would be.
>
>>The reasoning would be that a
>>PGP key cannot be said to be used solely for signature (whatever the
>>intentions of its owner, since third parties can use it to encrypt messages
>>sent to the owner).
>
>I would imagine that, from the DTI's point of view, this would be one of
>the drawbacks for a user of using PGP.  Caveat Emptor they would say, and
>that if that's a problem for you, you should move to a product that uses
>different keys for the different functions.  Let's hope PGP is upgraded to
>work in this way.
>
>>If this is really how it is meant to work, no PGP key user could get a
>>licensed CA certificate for the key without submitting to escrow (which
>>would undermine the reliability of signatures using the key).
>
>That seems about right.

<shameless-plug>

The reference code for SPKI/SDSI 2.0 provided by Matt Fredette at MIT 
includes a utility that converts PGP public keys into SPKI/SDSI key 
descriptions.  That description includes the algorithm for which the key is 
being used.  In all cases, at least so far, these algorithms are only 
signature verification algorithms.  Any key that is certified with an 
SPKI/SDSI 2.0 certificate is certified only for signature purposes.  We 
haven't defined algorithms for content decryption or certificate forms for 
certifying such keys.

</shameless-plug>


 - Carl

-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.5.3

iQCVAwUBNUdrFBN3Wx8QwqUtAQFSDQP/fOq5HHN8Vnu9EukQUMubQu0K+DWlt7yS
8gHYjMaj0Z3XalNOIHgXfEXfAOh6Sm91KRZcKQbii2vh+GGNo8NE3CJDqWUFjjmB
/1MN1FLKWi9HXw+MzKW7DcdqYCNxC7X3VoIX7ifeGu4jRfwygnxqvOfFwJiJ25O6
Y7i2yKHA568=
=Hieg
-----END PGP SIGNATURE-----


+------------------------------------------------------------------+
|Carl M. Ellison  cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc.                      http://www.cybercash.com/    |
|207 Grindall Street  PGP 08FF BA05 599B 49D2  23C6 6FFD 36BA D342 |
|Baltimore MD 21230-4103  T:(410) 727-4288  F:(410)727-4293        |
+------------------------------------------------------------------+