Free Republic
Browse · Search 		News/Activism
Topics · Post Article

To: palmer

DoD must do it differently than Verisign, because I know if I need one of my expired keys to open an old encrypted email, I can go recover it at a certain .mil site. I can see a list of all of the keys I have ever had at that site (back to 2003).

I have done it several times and I help people do it all the time.


38 posted on 11/20/2012 7:52:46 AM PST by Gil4 (Progressives - Trying to repeal the Law of Supply and Demand since 1848)
[ Post Reply | Private Reply | To 37 | View Replies ]

To: Gil4
I just looked it up and you are correct, the private key is generated and escrowed on the server, then sent to your CAC card.

But I don't think that would apply to government in general, probably just DoD. Also if some rogue FDA official were covering his/her tracks by encrypting, they certainly would not do it with an escrowed key. They would use a PGP key or a PKI private key that they generate and hang on to (they can also back it up securely, so losing it is not a problem, and thus one of the DoD arguments for escrow is simply a red herring).

39 posted on 11/20/2012 9:46:05 AM PST by palmer (Jim, please bill me 50 cents for this completely useless post)
[ Post Reply | Private Reply | To 38 | View Replies ]

Free Republic
Browse · Search 		News/Activism
Topics · Post Article

FreeRepublic, LLC, PO BOX 9771, FRESNO, CA 93794
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson