Crypto elsewhere
Paul Leyland
pleyland at microsoft.com
Thu, 19 Mar 1998 09:05:15 -0800
> I suspect that it's shooting itself in the foot early in paragraph
> 3 which suggests that escrowed private keys would be about as
> much use as... well, read it... )
I did read it. I conclude that I must be missing something. Section 3
explicitly states that weak cryptography and escrowed keys are *not*
acceptable:
> 3. Security considerations
> Use of strong cryptographic authentication such as PGP is essential
> for the correct operation of this system. Compromised cryptographic
> protocols (e.g. using 40 bit keys, or escrowed private keys) would
> *not* be appropriate, since these weaknesses are now well known
> outside the cryptological community - e.g. in the print and
> broadcast media.
My emphasis added. Am I missing something?
Paul