[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Aliases (Re-sent)

At 16:47 2/29/96, Bill Sommerfeld wrote:

>If Carl were to leave cybercash, it would not be appropriate for him
>to keep use of either the cme@cybercash.com address or key, because
>persons inside and outside cybercash who were unaware of his departure
>might continue send cybercash-confidential information to him by
>When he left, along with the key to his desk and the key to his office,
>Carl might also want to turn in the private key part of any
>cme@cybercash.com keypair which he used for confidentiality, to ensure
>that his successor(s) would be able to pick up where he left off.
>Naturally, he wouldn't want to turn over a signature key, because he
>doesn't want his successor to be able to forge his signature.

Let's take a real case.  I recently left tis.com -- am no longer cme@tis.com
but you can send mail there, from inside or outside, and you will be told
that I'm not there.  If the mail comes from outside, it's forwarded to me
at acm.org.  If it comes from inside, it isn't.

However, the PGP key I was using with cme@tis.com in the UserID field
is the same one I'm using now -- and used at Stratus.com, acm.org,
clark.net, world.std.com, ....

If I had a corporate signing key, I'd destroy it on leaving.
If I had a corporate privacy key, I'd hand it over to my boss on

My personal key, however, is mine.  The UserIDs for it simply indicate
that I (the person who holds that private key) receive mail at the
indicated e-mail addresses.

 - Carl

|Carl M. Ellison          cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc., Suite 430                   http://www.cybercash.com/    |
|2100 Reston Parkway           PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Reston, VA 22091      Tel: (703) 620-4200                                 |