Windows guru requested - Securing Windows
Watkin Simon
ukcrypto at chiark.greenend.org.uk
Fri, 9 Jun 2006 12:15:12 +0100
> From: Brian Gladman [mailto:brg@gladman.plus.com]
> Sent: 08 June 2006 10:47 AM
>
> Simon, I don't believe in blind trust when it comes to the security of
> encryption keys on which my safety and security (or both) might depend.
Brian, we go round and round the houses on this one. You assume that once
Part III is in place there is a higher probability that your keys will be
seized than now. I always wonder who wants your keys and why.
You've explained to me that the scenario you fear is that someone will
encrypt a message to you using my public/private key pair and thereby result
in its seizure. You need to unpack the "thereby" bit. A lot.
It's like the recent comment on Spy Blog:
"We all know that HMG does not want to use this power to examine the drives
of a small group of sex criminals. Like the anti terror laws, this law will
be abused on a massive scale and the ordinary computer user will be the one
that suffers. They will sniff your traffic and see that you have pgp on your
machine, and will flag you as a potential criminal. They will then demand
your keys even though you have done nothing at all, simply because you are
putting your email in an envelope.
This is the TRUE scenario that we need to explain and repeat, not the
nonsense of HMG. Wake up."
A customer of the aluminium milliner, methinks.
> If I am going to be asked to hand over such keys to _any_ other party, I
> would expect, before handing them over, to be able to determine to _my_
> satisfaction that the protection that will be offered to my keys by this
> party will meet my needs as _I_ see them to be.
If you're in key disclosure territory, that's a valid matter for discussion
with the investigator taking into account what the key protects.
> Have you released details of the procedural, technical and operational
> processes that will be used for the handling and protection of seized
> encryption keys?
>
> If so can you please let us know where these details are available?
Section 8 of the draft code addresses procedures for dealing with disclosed
key material. The idea that the code can address every circumstance - from
a phrase on a post-it note protecting some indecent images through to a 3072
bit key protecting something or other - and set out a range of processes is
unrealistic. Those processes need to reflect circumstances and changes in
technology and security. Setting them in stone in a statutory code isn't
the place to do that.
> Unless I missed it, I did not see the unconditional and unconstrained
> right of key owners to revoke their keys at any time, irrespective of
> whether they are seized or are subject to seizure, had been recognised
> in your proposals.
It goes without saying that unless the notice includes a secrecy requirement
the recipient can say and do what they like - so long as their conduct does
not amount to perverting the course of justice.
> Nor did I see a clear statement indicating that the unqualified
> revocation of a key subject to seizure did not constitute tipping off.
Paragraph 10.12
Simon Watkin
Home Office