Comment by prophesi

4 months ago

Those would be end-to-end encrypted x how many recipients you intend for. Very different from (end-to-end-encrypted x how many recipients you intend for) + an arbitrary amount of recipients you don't intend for.

> an arbitrary amount

Presumably there are a finite number of escrow agents who are known to you. Worrying that they will pass your messages along to others is the same as worrying that the people you're chatting with do the same. It's always on you to assess the trustworthiness of the other parties; key escrow is no exception to that.

To be clear, I'm not a fan of large-scale key escrow schemes and am not going to willingly use one outside of a corporate setting. But let's have accurate use of terminology while discussing these things.

Surely a company with auditing requirements running their own key escrow would still be considered E2EE? If not E2EE then what would you suppose to call that and where would you draw the line?

  • > Worrying that they will pass your messages along to others is the same as worrying that the people you're chatting with do the same.

    This makes absolutely _no sense_. If I do not trust my end user to not propagate the message I send them, then I will not send them that message. There is no need for a third party here to make that mistake. It _is_ that black and white. Adding another end user is compromising your promise on the secure communication you established. There is no workaround to that.

    • Similarly, if you do not trust a particular escrow agent then do not use that escrow agent.

      I can imagine a likely objection. "But I'm forced to use this particular agent by [ tech company | employer | government ]!" I don't see how that's any different from needing to communicate with a particular person. If I need to communicate with someone and I don't trust them not to share things then I will (must!) compose my correspondence accordingly.

      If the government is forcing this on you, well, what is the alternative? Is point to point encryption somehow better in that scenario? Either way they're getting copies of everything you write assuming that the service you're using abides by the law. With key escrow that snooping is more explicit and there are fewer unknowns for the end user.