

Did I just upload my private SSL keys to the NSA? - jacobn

With the Lavabit SSL key seizure [1,2], the US Government and the US courts have shown that they&#x27;ll take the private keys if they feel they need them.<p>Have e.g. AWS received similar orders for keys used with ELBs? Or anything on the EC2 VMs? Or CloudFlare?<p>When I upload my private key to these services, does it go straight to the NSA keystore? Or do they only seize certain keys? Or no keys at all and I can take off my tinfoil hat now? Can we know?<p>What happens when an NSA employee is disgruntled &#x2F; makes a mistake &#x2F; becomes a mole &#x2F; whatever and leaks the entire keystore?<p>Did we all already know? Should I stop tinfoiling? Should we trust that they don&#x27;t do this? Should I never have been such a lazy moron as to use any such services?<p>Sigh<p>For the record I believe the government should be able to do warrant-based eavesdropping etc of specific individuals - it&#x27;s the dragnet aspect to this whole mess that just breaks my heart. So there&#x27;s no need to put me on that list you got there Mr USG...<p>Sigh^2<p>[1]: https:&#x2F;&#x2F;news.ycombinator.com&#x2F;item?id=6517553
[2]: http:&#x2F;&#x2F;www.newyorker.com&#x2F;online&#x2F;blogs&#x2F;elements&#x2F;2013&#x2F;10&#x2F;how-lavabit-edward-snowden-email-service-melted-down.html
======
blakdawg
We don't know - and because the rules of this game apparently bless lying
about key compromise, and allow prohibitions on the disclosure of key
compromise, you can't rely on the absence of bad news to assume everything's
OK.

You have the greatest allowable protection when keeping your keys on hardware
where you keep physical custody - e.g., on your person, or stored in physical
locations where you have exclusive access (e.g., _not_ colocated/VPS, etc).

Ultimately, you've got to decide if it bothers you to have the government -
and the corporations and individuals that act on behalf of the government -
archiving/indexing/searching copies of your data.

I don't believe that it's appropriate for the government to invade our privacy
without due process - but this view is not universally held.

There's a core problem that's tough to solve - if people have access to
strong, unbreakable crypto, then it's possible that there will be
circumstances where a legitimate warrant will not produce usable information.

On the other hand, if nobody has strong, unbreakable crypto, then it's
possible that there will be circumstances where privacy is invaded without a
legitimate warrant.

