Windows guru requested - Securing Windows
Peter Fairbrother
ukcrypto at chiark.greenend.org.uk
Fri, 09 Jun 2006 13:41:04 +0100
Watkin Simon wrote:
>> From: Brian Gladman [mailto:brg@gladman.plus.com]
>> Sent: 08 June 2006 10:47 AM
>>
>> Simon, I don't believe in blind trust when it comes to the security of
>> encryption keys on which my safety and security (or both) might depend.
>
> Brian, we go round and round the houses on this one. You assume that once
> Part III is in place there is a higher probability that your keys will be
> seized than compared with now. I always wonder who wants your keys and why.
I can't speak for Brian, and he's quite capable of doing so for himself, so
I'll just pretend I wrote what he did.

I am not worried about my keys being seized, I am worried about them being
successfully demanded. The present probability of that happening is zero -
when/if part III comes into force the probability will be greater than zero.
> You've explained to me that the scenario you fear is that someone will
> encrypt a message to you using my public/private key pair and thereby result
> in its seizure.
One scenario among many.
> You need to unpack the "thereby" bit. A lot.
??
Bad guy sends me message, police want to see message, police demand and get
innocent plaintext, think it may be wrong plaintext and as they have no
reason to trust me they demand the key to be sure.
What's hard about that?
[snip possible nutcase story - this is the web, there are plenty around, no
surprise there]
There are none so blind as those who will not see.

I derive little comfort from assurances that GAK will be done in a
necessary/proportionate manner - and whether I believe those assurances or
not is neither here nor there. That GAK is done at all is more than injury
enough.

The injury is not that demands are made of the guilty, it is that demands
can be made of the innocent. The extent to which those demands on the
innocent are actually made makes little difference - the fact that demands
can be made means that everybody's secrets are insecure.

Demands cannot be made only on the guilty, it is impossible to know in
advance who is guilty. That demands are authorised by the Police rather than
by the Courts merely adds insult.

It is never necessary. It is never proportionate.
--
Peter Fairbrother