If the recipient cannot in good faith detect a key-access ware, or a GAK-ware, or a Trojan, or a bug, why would a complete background check of the recipient help?
a "complete audit and background check" ... would include an audit of the recipient ... not just the recipient person .... but the recipient ... as in the recipient operation.
so given sufficient sender concern, checking might be similar to something that the federal reserve has specified for a fedwire terminal .... although the announcement about allowing fedwire access via the internet has raised some eyebrows. i'm sure that such things don't happen .... but could all the stuff about swift providing internet-oriented services been some motivation?
the issue for the sender is that they could be concerned about a number of different possible vulnerabilities ... and complete audit and background check would be to try and cover all the bases ... aka the leakage of a classified document wouldn't solely be restricted to technical subversion.
--
Anne & Lynn Wheeler http://www.garlic.com/~lynn/
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
