An Open Specification for Pretty Good Privacy (openpgp)

Adam Back | 21 Feb 1997 23:55

CDR design document


Here is a proposal for consideration for inclusion in the OpenPGP
standard:

	http://www.dcs.ex.ac.uk/~aba/cdr/

(Also attached text version below [1])

It describes a mechanism for commercial data recovery which attempts
to minimise the security risks inherent in allowing disaster recovery
of stored encrypted documents.  The CDR design also avoids the
security risks in building systems which send recovery information
over open communications networks, as the CMR proposal currently does.

The CDR design offers the option of more ergonomic recovery from
forgotten passphrase.  CDR allows for more secure use to be made of
the existing pgp5.0 key expiry functionality when applied to
communications-only keys because they can be deleted with out loss of
data-availability, providing a form of PFS which is backwards
compatible with pgp5.0 and pgp5.5 clients.

Comments?

The only change addition to the standard required is to create a
distinction between a storage only key and a communications only key.
This distinction could be made via the use of an extra flag, ideally
so that keyrings can remain standardised and interchangeable between
different implementations.

The document can also be viewed as a recommendation to implementors of

(Continue reading)


Mon	Tue	Wed	Thu	Fri	Sat	Sun
					1	2
3	4	5	6	7	8	9
10	11	12	13	14	15	16
17	18	19	20	21	22	23
24	25	26	27	28

Mon

Tue

Wed

Thu

Fri

Sat

Sun

9	May 2013
6	April 2013
11	March 2013
43	January 2013
5	March 2012
5	February 2012
5	March 2011
13	February 2011
30	January 2011
4	September 2010
25	August 2010
4	June 2010
1	April 2010
5	March 2010
14	December 2009
3	October 2009
11	June 2009
60	May 2009
8	April 2009
2	March 2009
62	February 2009
52	January 2009
1	December 2008
1	September 2008
20	August 2008
16	July 2008
14	June 2008
31	May 2008
40	April 2008
68	March 2008
22	February 2008
41	January 2008
1	December 2007
72	November 2007
26	October 2007
1	September 2007
6	July 2007
1	June 2007
26	May 2007
52	April 2007
34	March 2007
1	February 2007
17	January 2007
4	December 2006
7	October 2006
20	September 2006
11	August 2006
32	July 2006
10	June 2006
13	May 2006
23	April 2006
64	March 2006
49	February 2006
32	January 2006
68	December 2005
47	November 2005
63	October 2005
102	September 2005
100	August 2005
49	July 2005
13	June 2005
53	May 2005
47	April 2005
36	March 2005
101	February 2005
73	January 2005
6	December 2004
4	November 2004
51	October 2004
1	September 2004
17	August 2004
2	June 2004
13	May 2004
36	April 2004
101	March 2004
23	February 2004
38	January 2004
41	December 2003
16	November 2003
54	October 2003
3	September 2003
31	August 2003
66	July 2003
72	June 2003
51	May 2003
30	April 2003
121	March 2003
7	February 2003
39	January 2003
1	December 2002
11	November 2002
11	October 2002
81	September 2002
57	August 2002
16	July 2002
5	June 2002
75	May 2002
154	April 2002
6	March 2002
46	February 2002
51	January 2002
26	December 2001
37	November 2001
19	October 2001
50	September 2001
131	August 2001
42	July 2001
7	June 2001
17	May 2001
53	April 2001
62	March 2001
47	February 2001
48	January 2001
34	December 2000
25	November 2000
45	October 2000
13	September 2000
29	August 2000
78	July 2000
65	June 2000
56	May 2000
18	April 2000
30	March 2000
9	February 2000
55	January 2000
26	December 1999
15	November 1999
25	October 1999
11	September 1999
11	August 1999
58	July 1999
37	June 1999
58	May 1999
105	April 1999
47	March 1999
34	February 1999
37	January 1999
23	December 1998
10	November 1998
16	October 1998
96	September 1998
10	August 1998
157	July 1998
121	June 1998
110	May 1998
94	April 1998
201	March 1998
30	February 1998
62	January 1998
136	December 1997
372	November 1997
363	October 1997
127	September 1997
71	August 1997
12	July 1997
1	February 1997