What has really changed ...
Ross Anderson
Ross.Anderson at cl.cam.ac.uk
Wed, 11 Aug 1999 20:45:54 +0100
Alastair Kelman:
> Key Recovery is good in electronic commerce but bad everywhere else.
Alastair, you've spent the last few years of your life working with
electronic copyright management systems.
You're not now suggesting that in this particular corner of electronic
commerce, my boss should have a master key that enables him to take
buckshee copies of all my programs, CDs, games, e-coins, ... :-)
I could make a similar oversimplification by saying that key recovery
is OK in the public sector but bad everywhere else. After all, we all
support Maurice Frankel's herculean efforts to hold Mr Blair to his
pre-election promises of a Freedom of Information Act; and we would
all like to see the police empowered to investigate the No. 10 policy
unit if there were ever allegations of Watergate-style goings on
(which heaven forfend).
However, the Cheltenham interpretation of the above statement would
encompass key-escrow access to everyone's NHS records on the one hand
and plausible deniability for all ministerial and senior civil
service traffic on the other. In fact the Royal Holloway protocol
appears to have been designed to deliver just that,
Ross