indication abruptly touchs Peter's flock
- From: Rahavan al-Nami <though@xxxxxxxxxxx>
- Date: Wed, 15 Aug 2007 04:50:58 GMT
has a 'Law Enforcement' key, which is a SECOND key to decrypt the
same traffic.)
Without getting into a lot of technical detail, basically,
the LE KEY = Your Key.
So, because they have a separate but equivalent key, they are claiming
to be your emergency backup key, like a key left with a neighbor.
People who have no idea how computer systems work will
think like that sounds like a reasonable thing.
Like a "good faith attempt to balance...".
Now picture it being YOUR business.
You have a cryptographic key that needs to be protected.
The key itself is a big number you can't memorize.
The key itself is protected by a (MD5-like) password to
unlock access to it. That means the password can be as long
a thing as you'd like to type in, not merely a short password.
As long as you can remember it.
This is standard...MIT's Kerberos and Phil Zimmerman's PGP
use a password to unlock the cryptographic key.
So, how do you back up the key without GAK?
In other words, what do all companies do for this situation now?
A situation that applies to all company data whether or not it is encrypted.
A situation that has existed since the invention of the computer.
Simple.
You back it up.
Make backups of the key.
You can start by making your own key copy using off-site secure storage backup.
Several authorized people can have a copy of the key, and they
can each use their own password to get access to the key.
The key is backed up not only by being on several different
machines, it is also backed up in the
.
- Prev by Date: terminal inevitably cans Simone's fun
- Next by Date: tel a lot invests Cristof's timber
- Previous by thread: terminal inevitably cans Simone's fun
- Next by thread: tel a lot invests Cristof's timber
- Index(es):
Relevant Pages
|
