"Will Price" <[EMAIL PROTECTED]> writes:
>So in any case, the issue was rapidly corrected, and within months of NAI
>purchasing TIS, TIS had killed all of its key recovery features, and the KRA
>membership had been cancelled.
There's a paper on adding GAK to IPSEC by someone from NAI in the GAK issue
of Computers and Security (January 2000, p.91). This is pure GAK and isn't
disguised as "business data recovery" or some other nicety: "Goverments must
be able to intercept the [Common Key Recovery Block] at the time of key
establishment or periodically while the SA remains active".
>the TIS group is just as anti-key-recovery as PGP ever was
Does the TIS group know this?
Peter.
