Re: comments on PGP 5

To: debian-devel@lists.debian.org
Subject: Re: comments on PGP *5*
From: steve@kostecke.net (Steve Kostecke)
Date: Sun, 13 Sep 1998 22:45:02 -0400
Message-id: <[🔎] E0zIOdS-0003zT-00@stasis.kostecke.net>

In article <[🔎] 19980913232759.A23249@earthlink.net>,
	knghtbrd@earthlink.net (Joseph Carter) writes:
[snip]
> PGP v5 supports key escrow and it can be used without your knowledge or
> consent with v5.x, though it can only be specifically enabled in 5.5+ I
[snip]

IIRC PGP5 can be configured, by your sysadmin, to automatically encrypt
a outgoing message session key with a "corporate public-key" in addition
to the recipient's public-key. And that PGP5 can be configured to refuse
to decrypt messages when the session key was not encrypted with the
"corporate public-key". As I understand it this NOT key-escrow.

AFAIK PGP5 does not provide a mechanism to force you to send a copy of
your private key to an "Offical Key Escrow Authority". And that the
"key-recovery" feature has no effect on users of "PGP For Personal
Provacy" (the non-corporate version).

Please correct me if I am wrong...

-- 
 ____
||k || Steve Kostecke                |  Debian GNU/Linux
||__|| steve@kostecke.net            |  The Open Source(R) Operating System
|/__\| http://kostecke.home.ml.org   |  http://www.debian.org

Reply to:

Follow-Ups:
- Re: comments on PGP *5*
  - From: Joseph Carter <knghtbrd@earthlink.net>

Prev by Date: Re: comments on PGP *5*
Next by Date: Re: intent to package: mocka modula-2 compiler
Previous by thread: Re: comments on PGP *5*
Next by thread: Re: comments on PGP *5*
Index(es):
- Date
- Thread

Re: comments on PGP *5*

Re: comments on PGP 5