which is a SECOND key to decrypt the
same traffic.)
Without getting into a lot of technical detail, basically,
the LE KEY = Your Key.
So, because they have a separate but equivalent key, they are claiming
to be your emergency backup key, like a key left with a neighbor.
People who have no idea how computer systems work will
think that sounds like a reasonable thing.
Like a "good faith attempt to balance...".
Now picture it being YOUR business.
You have a cryptographic key that needs to be protected.
The key itself is a big number you can't memorize.
The key itself is protected by a password, run through an MD5-like
hash, that unlocks access to it. Because it is hashed, the password can be
as long a thing as you'd like to type in, not merely a short password.
As long as you can remember it.
This is standard: MIT's Kerberos and Phil Zimmermann's PGP
use a password to unlock the cryptographic key.
So, how do you back up the key without GAK?
In other words, what do all companies do for this situation now?
A situation that applies to all company data whether or not it is encrypted.
A situation that has existed since the invention of the computer.
Simple.
You back it up.
Make backups of the key.
You can s
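
The passphrase-protected key and its backup copies described above, as an added Python example that is not part of the original essay and is not PGP's or Kerberos's own code. Assumptions: PBKDF2-HMAC-SHA256 is swapped in for the MD5-like hash, a salted XOR pad with an HMAC tag stands in for the cipher a real product would use, the function names are hypothetical, and the key and passphrase are constructed sample values.

```python
import hashlib
import hmac
import secrets

ITERATIONS = 100_000  # assumed work factor for the passphrase hash


def _derive(passphrase, salt, length):
    """Hash a passphrase of any length into an XOR pad plus a 32-byte MAC key."""
    okm = hashlib.pbkdf2_hmac("sha256", passphrase.encode("utf-8"), salt,
                              ITERATIONS, dklen=length + 32)
    return okm[:length], okm[length:]


def wrap_key(secret_key, passphrase):
    """Return salt || masked key || tag: the blob that is safe to copy around."""
    salt = secrets.token_bytes(16)  # fresh salt, so the pad is never reused
    pad, mac_key = _derive(passphrase, salt, len(secret_key))
    masked = bytes(a ^ b for a, b in zip(secret_key, pad))
    tag = hmac.new(mac_key, salt + masked, hashlib.sha256).digest()
    return salt + masked + tag


def unwrap_key(blob, passphrase):
    """Recover the key, rejecting a wrong passphrase or a damaged copy."""
    if len(blob) <= 48:
        raise ValueError("blob too short")
    salt, masked, tag = blob[:16], blob[16:-32], blob[-32:]
    pad, mac_key = _derive(passphrase, salt, len(masked))
    expected = hmac.new(mac_key, salt + masked, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong passphrase or damaged backup")
    return bytes(a ^ b for a, b in zip(masked, pad))


def restore_from_backups(copies, passphrase):
    """Try each backup copy in turn and return the first one that verifies."""
    for blob in copies:
        try:
            return unwrap_key(blob, passphrase)
        except ValueError:
            continue
    raise ValueError("no usable backup copy")


if __name__ == "__main__":
    key = secrets.token_bytes(32)  # constructed stand-in for the real key
    phrase = "a long sentence only the key owner knows and can remember"
    blob = wrap_key(key, phrase)
    print(restore_from_backups([blob[:-1] + b"\x00", blob], phrase) == key)
```

Every backup copy is only the wrapped blob, so whoever holds a copy still needs the passphrase to get the key.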