BBC Online 24/3/2000: "MI5 laptop snatched"
Owen Lewis
oml at eloka.demon.co.uk
Mon, 27 Mar 2000 10:24:26 +0100
----- Original Message -----
From: "Caspar Bowden" <cb@fipr.org>
To: <ukcrypto@maillist.ox.ac.uk>
Sent: 24 March 2000 15:27
Subject: RE: BBC Online 24/3/2000: "MI5 laptop snatched"
> > encryption is so
> > secure that you can allow anyone to have access to your
> > secrets, oh, for 50
> > years or so :-) You really can't have it both ways, you know.
>
> Yes you can.
Well, you can try :-) Whether anyone will let you is another matter.
There's all the difference in the world between trusting crypto
> that is setup and used according to one's own criteria, and trusting your
> key to a wholly opaque organisation, whose procedures and compliance will
> not be independently specified or audited, and is under continual
> cheese-paring pressure to cut corners and do stuff on the cheap.
Well, you make a point tangential to the thread. However, to take it as it
is:
- If you mean to imply that one is always the more secure in the
first case than the second, that is simply not so,
- If you mean that in the first case you have to live with the
consequences of your own shortcomings and in the second case with the
shortcomings of others, I might agree with you. One would then need to
return to the first point.
Owen
The risk is
> out of your control and in the immortal words of Tristan Garel-Jones MP
> signing a Matrix-Churchill PII certificate, "could result in
unquantifiable
> damage".
> --
> Caspar Bowden http://www.fipr.org
> Director, Foundation for Information Policy Research
> Tel: +44(0)171 354 2333 Fax: +44(0)171 827 6534
>
>
>
>