[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: FW: Key Recovery

To: ipsec@tis.com
Subject: Re: FW: Key Recovery
From: "Michael C. Richardson" <mcr@sandelman.ottawa.on.ca>
Date: Thu, 09 Apr 1998 16:48:33 -0400
CC: CJ Gibson <cjgibson@semaphorecom.com>
In-reply-to: Your message of "Thu, 09 Apr 1998 12:00:03 PDT." <0171F2F8F9E5D011A4D10060B03CFB440CAF1C@scc-server3.semaphorecom.com>
Reply-To: nobody@sandelman.ottawa.on.ca
Sender: owner-ipsec@ex.tis.com

-----BEGIN PGP SIGNED MESSAGE-----

CJ: Non-realtime of recovery of bulk/symmetric session keys has no law
enforcement value according to many. It also requires hugh amounts
stable (i.e. subpoenable), secure storage.

If some law enforcement agency wants real time access to symmetric keys,
then they can define the protocols to do that securely, and if there is a
market (or they legislate one), I suppose that some vendors will produce
compliant products. Their protocol would presumably also apply to S/MIME,
PGP, SSL and SSH, so we in the IPsec world would be smart to let them design
the protocol. The law enforcement agencies will need clear legislation
defining (probably limiting) their liability.

The RSA keys used in IKE are used for signature purposes only. Escrow
of them results in a mistrial when used for law enforcement purposes because
the defendant can prove that the law enforcement agency could have fabricated
the evidence. ("Entrapment")
Access to escrowed signature keys does not directly result in
recover of symmetric session keys, only disclosure of identities. To recover
session keys, an active, man-in-the-middle attack must be done.
Further, escrow of RSA signing keys is already a feature in many PKI
offerings, and outside of the scope of both IPsec and IKE.

If people could *PLEASE* tell whatever NARCs work at their respective
organizations to get a clue. The IETF and IPsec WG position on this has
been made clear on numerous occasions. If you don't like that, take it to
the IAB directly. Don't even bother this WG.

[Greping for "escrow" on my achives:

http://www.sandelman.ottawa.on.ca/ipsec/1994/03/msg00005.html
http://www.sandelman.ottawa.on.ca/ipsec/1995/02/msg00042.html
http://www.sandelman.ottawa.on.ca/ipsec/1995/07/msg00016.html
http://www.sandelman.ottawa.on.ca/ipsec/1995/12/msg00077.html
http://www.sandelman.ottawa.on.ca/ipsec/1996/07/msg00046.html
Also: 1996/08/msg00000.html
1996/08/msg00005.html
1996/08/msg00018.html
1996/08/msg00110.html
1996/08/msg00111.html
1996/08/msg00126.html
1996/08/msg00128.html
1996/08/msg00129.html
1996/08/msg00130.html
1996/08/msg00131.html
1996/08/msg00137.html
1996/09/msg00000.html
1996/09/msg00057.html
1996/10/msg00050.html
1996/10/msg00058.html
1997/09/msg00121.html
1998/02/msg00266.html
1998/02/msg00311.html
1998/02/msg00333.html

:!mcr!: | Sandelman Software Works Corporation, Ottawa, ON
Michael Richardson | SSH IPsec: http://www.ssh.fi/. Secure, strong, international
Personal: <A HREF="http://www.sandelman.ottawa.on.ca/People/Michael_Richardson/Bio.html">mcr@sandelman.ottawa.on.ca</A>. PGP key available.
Corporate: <A HREF="http://www.sandelman.ottawa.on.ca/SSW/">sales@sandelman.ottawa.on.ca</A>.

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia
Charset: latin1
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface

iQB1AwUBNS00G9iXVu0RiA21AQEDzgMAicMggqJHa+ABMj5XS2Vrfe2/JKTCcjXT
B8SsE/cA483EGO8Dgb/o7Jg3VNCcWwz8aCDBA7K127BYtT0VIpx42DJEvf3XBYUB
BqjxtdYkxSyfrdx3p4OJzsVdaFU60OZ2
=XP6o
-----END PGP SIGNATURE-----

References:

FW: Key Recovery

From: CJ Gibson <cjgibson@semaphorecom.com>

Prev by Date: Re: Last Call for IPSEC
Next by Date: RE: Last Call for IPSEC
Prev by thread: Re: [ipsec] FW: Key Recovery
Next by thread: [ipsec] FW: Key Recovery
Index(es):
- Main
- Thread