implicit key escrow with pgp 8.0 - PGP


  1. implicit key escrow with pgp 8.0

    Hi there!

    We are going to implement a PGP infrastructure and are wondering if it
    is wise to use PGP 8.0. There are concerns against PGP 8.0 because
    (excuse my half knowledge) there is a new field in its packet format
    that allows to store an implicit key escrow thing. I don't know exactly.

    I think this field is just an option and there is no practical drawback
    if we are not dependent on external authorities. Or is there a direct
    risk in security?

    Thanks in advance,
    Wollie

  2. Re: implicit key escrow with pgp 8.0

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    Wolfgang Kohnen wrote in
    news:crch07$37c$1@kohl.informatik.uni-bremen.de:

    > Hi there!
    >
    > We are going to implement a PGP infrastructure and are wondering
    > if it is wise to use PGP 8.0. There are concerns against PGP 8.0
    > because (excuse my half knowledge) there is a new field in its
    > packet format that allows to store an implicit key escrow thing.
    > I don't know exactly.
    >
    > I think this field is just an option and there is no practical
    > drawback if we are not dependent on external authorities. Or is
    > there a direct risk in security?


    If you purchase PGP Corporate Desktop, you will have the option of
    creating your own installation package. If you want the package to
    require the use of an Additional Decryption Key (ADK), you can do so.
    But whether or not you want to use an ADK is strictly up to you and
    your decision at that time. As a PGP Workgroup Desktop licensee, I
    don't even have that option.

    The ADK is just an additional key that email/files are also encrypted
    to so that someone else can decrypt files/messages if that becomes
    necessary, such as due to illness, someone leaving the organization,
    etc. Often, that ADK private key would be a split key, so that no
    one person in the organization could use it by himself/herself.

    As to a user like myself, if I communicate with someone from such an
    organization that requires their employees to use an ADK, it is up to
    me whether or not I actually encrypt additionally to that key. In
    fact, if that ADK is not on my keyring, I can't encrypt to it even if
    I want to.

    Over three years ago, there was a rather minor flaw found in how the
    ADK was implemented, but that was quickly resolved. For information
    on that, see http://www.mccune.cc/PGPpage2.htm#ADKSecurityFlaw

    -----BEGIN PGP SIGNATURE-----
    Version: PGP 8.1
    Comment: My PGP Page & FAQ: http://www.mccune.cc/PGP.htm

    -----END PGP SIGNATURE-----

  3. Re: implicit key escrow with pgp 8.0

    Thanks for your detailed answer!

    Greets,
    Wollie

  4. Re: implicit key escrow with pgp 8.0

    Tom McCune wrote:
    >
    > Wolfgang Kohnen wrote in
    > news:crch07$37c$1@kohl.informatik.uni-bremen.de:
    >
    > > Hi there!
    > >
    > > We are going to implement a PGP infrastructure and are wondering
    > > if it is wise to use PGP 8.0. There are concerns against PGP 8.0
    > > because (excuse my half knowledge) there is a new field in its
    > > packet format that allows to store an implicit key escrow thing.
    > > I don't know exactly.
    > >
    > > I think this field is just an option and there is no practical
    > > drawback if we are not dependent on external authorities. Or is
    > > there a direct risk in security?

    >
    > If you purchase PGP Corporate Desktop, you will have the option of
    > creating your own installation package. If you want the package to
    > require the use of an Additional Decryption Key (ADK), you can do so.
    > But whether or not you want to use an ADK is strictly up to you and
    > your decision at that time. As a PGP Workgroup Desktop licensee, I
    > don't even have that option.
    >
    > The ADK is just an additional key that email/files are also encrypted
    > to so that someone else can decrypt files/messages if that becomes
    > necessary, such as due to illness, someone leaving the organization,
    > etc. Often, that ADK private key would be a split key, so that no
    > one person in the organization could use it by himself/herself.
    >
    > As to a user like myself, if I communicate with someone from such an
    > organization that requires their employees to use an ADK, it is up to
    > me whether or not I actually encrypt additionally to that key. In
    > fact, if that ADK is not on my keyring, I can't encrypt to it even if
    > I want to.
    >
    > Over three years ago, there was a rather minor flaw found in how the
    > ADK was implemented, but that was quickly resolved. For information
    > on that, see http://www.mccune.cc/PGPpage2.htm#ADKSecurityFlaw


    Actually, ADK is not a form of key escrow. Key escrow involves
    giving your private key and passphrase to a third party (generally
    a government police or security agency) for their use if they think
    they need to decrypt what you encrypt. ADK involves encrypting to
    a second key (generally owned by the organization for which you
    work).

    As for choosing whether or not to encrypt to an ADK, I think the
    choice is simple. If the message or file is a business
    communication for the company that employs the recipient, you
    should always use both the individual's key and the ADK. If it's a
    personal communication, don't use the ADK. But sending a personal
    message to the individual's business E-mail address is questionable
    since the employer owns the mail server, Internet connection, and
    most likely the individual's computer and has the right to see any
    message received and read when the employee is being paid to work.

    --

    David E. Ross


    I use Mozilla as my Web browser because I want a browser that
    complies with Web standards. See .
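
Both replies above describe an ADK as a second key that a message is additionally encrypted to. As an added example (not part of the thread and not PGP's own code), this Python parser lists the recipient key IDs carried in an OpenPGP message's Public-Key Encrypted Session Key packets (RFC 4880 format), so a recipient or mail gateway can check whether the ADK was included; the key IDs and sample bytes are constructed.

```python
PKESK_TAG, SKESK_TAG = 1, 3  # session-key packet tags (RFC 4880, sections 5.1 and 5.3)

def read_header(buf, pos):
    """Return (tag, body_start, body_len); body_len is None for partial/indeterminate lengths."""
    first = buf[pos]
    if not first & 0x80:
        raise ValueError("not an OpenPGP packet header")
    if first & 0x40:  # new-format header
        tag, o1 = first & 0x3F, buf[pos + 1]
        if o1 < 192:
            return tag, pos + 2, o1
        if o1 < 224:
            return tag, pos + 3, ((o1 - 192) << 8) + buf[pos + 2] + 192
        if o1 == 255:
            return tag, pos + 6, int.from_bytes(buf[pos + 2:pos + 6], "big")
        return tag, pos + 2, None  # partial body length (data packets only)
    tag, ltype = (first >> 2) & 0x0F, first & 0x03  # old-format header
    if ltype == 3:
        return tag, pos + 1, None  # indeterminate length
    width = 1 << ltype  # 1, 2 or 4 length octets
    return tag, pos + 1 + width, int.from_bytes(buf[pos + 1:pos + 1 + width], "big")

def recipient_key_ids(message):
    """Key IDs of the v3 PKESK packets that precede the encrypted data."""
    ids, pos = [], 0
    while pos < len(message):
        tag, start, length = read_header(message, pos)
        if tag not in (PKESK_TAG, SKESK_TAG) or length is None:
            break  # session-key packets come first; stop at the encrypted data
        if tag == PKESK_TAG and message[start] == 3:
            ids.append(message[start + 1:start + 9].hex().upper())
        pos = start + length
    return ids

def encrypted_to_adk(message, adk_key_id):
    return adk_key_id.upper() in recipient_key_ids(message)

def _pkesk(key_id_hex, new_format):
    # Constructed packet: version 3, key ID, algorithm 1 (RSA), dummy 8-bit MPI
    body = bytes([3]) + bytes.fromhex(key_id_hex) + bytes([1]) + b"\x00\x08\xff"
    header = 0xC1 if new_format else 0x84  # tag 1 in new / old header format
    return bytes([header, len(body)]) + body

# Constructed sample: recipient key, ADK, then a tag-18 encrypted-data packet
SAMPLE = _pkesk("1111111111111111", False) + _pkesk("AAAAAAAAAAAAAAAA", True) + bytes([0xD2, 5, 1, 0, 0, 0, 0])

if __name__ == "__main__":
    print(recipient_key_ids(SAMPLE), encrypted_to_adk(SAMPLE, "AAAAAAAAAAAAAAAA"))
```

Pass the key ID of the ADK's encryption (sub)key, since that is the ID a session-key packet carries. A packet with an all-zero key ID is a hidden recipient and cannot be matched this way.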
