Comment by prophesi
4 months ago
> Worrying that they will pass your messages along to others is the same as worrying that the people you're chatting with do the same.
This makes absolutely _no sense_. If I do not trust my end user to not propagate the message I send them, then I will not send them that message. There is no need for a third party here to make that mistake. It _is_ that black and white. Adding another end user is compromising your promise on the secure communication you established. There is no workaround to that.
Similarly, if you do not trust a particular escrow agent then do not use that escrow agent.
I can imagine a likely objection. "But I'm forced to use this particular agent by [ tech company | employer | government ]!" I don't see how that's any different from needing to communicate with a particular person. If I need to communicate with someone and I don't trust them not to share things then I will (must!) compose my correspondence accordingly.
If the government is forcing this on you, well, what is the alternative? Is point to point encryption somehow better in that scenario? Either way they're getting copies of everything you write assuming that the service you're using abides by the law. With key escrow that snooping is more explicit and there are fewer unknowns for the end user.