On Monday 16 June 2003 10:36 pm, will hill wrote:
> Emphatic, but I still don't buy it. The receiving user opens the mail sent
> by PGP, right? What's the difference between this and the mail simply
> being decrypted by the user's mail server on the user's computer? In

Wow. You've never heard of pgp/gpg, have you? GPG is based on public key cryptography. A user distributes a public half of a key. He retains the private half. I send an email to a user, I encrypt it with his public key. Only he has the private key. He gets the message and decrypts it using his private key. This is substantially and vastly different from encrypting the communications channel. Additionally, if I sign the message with my private key, the remote user can authenticate my identity and that the mail has not been altered in transit.

http://www.pgpi.org/doc/pgpintro/ (hooray for google. everybody loves google. isn't google neat. we should all try the joy of google!)

> either case, the user is hosed if their machine is owned. Wouldn't it be
> better if everyone had a persistent connection and was able to run the
> best available free software? If everyone ran like that, no one would need
> a "relay" and the encryption was transparent to the user?

If the machine is "hosed" you're hosed. To use your Ashcroft example, if the government gets a subpoena to put Carnivore at an ISP, TLS will do NOTHING to prevent them from intercepting the cleartext of your email. With GPG/pgp they will have to get a subpoena served to you individually to get you to decrypt the mail. That's assuming you haven't incinerated the computer ;). Or that you haven't used open wireless access points and anonymous remailers ... how paranoid do you need to be?

-- 
Scott Harney <[EMAIL PROTECTED]>
"...and one script to rule them all."
gpg key fingerprint=7125 0BD3 8EC4 08D7 321D CEE9 F024 7DA6 0BC7 94E5
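
The distinction drawn in the message above, as an added example that is not part of the original post: what a mail relay holds when only the channel is encrypted, versus when the body is encrypted to the recipient's public key and signed with the sender's private key. It assumes toy textbook RSA built from the Python standard library (not GnuPG's implementation, no padding, constructed keys) and hypothetical function names.

```python
import hashlib

E = 65537  # public exponent shared by both toy keys

def make_key(p, q):
    """Toy textbook RSA key: (n, E) is the public half, d is the private half."""
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def encrypt(pub_n, text):
    m = int.from_bytes(text.encode(), "big")
    if m >= pub_n:
        raise ValueError("message too long for this toy key")
    return pow(m, E, pub_n)

def decrypt(key, c):
    m = pow(c, key["d"], key["n"])
    return m.to_bytes((m.bit_length() + 7) // 8, "big").decode()

def _digest(c):
    return int.from_bytes(hashlib.sha256(str(c).encode()).digest(), "big")

def sign(key, c):
    # Simplification: the signature covers the ciphertext that travels.
    return pow(_digest(c), key["d"], key["n"])

def verify(pub_n, c, sig):
    return pow(sig, E, pub_n) == _digest(c)

# Constructed keys from known Mersenne primes: fine for a demo, useless for security.
RECIPIENT = make_key(2**521 - 1, 2**607 - 1)
SENDER = make_key(2**1279 - 1, 2**2203 - 1)
BODY = "meet at noon"  # constructed sample message

def relay_sees_tls_only(body):
    # TLS ends at each hop, so the relay (or a tap placed on it) holds the cleartext.
    return body

def relay_sees_end_to_end(body):
    # The relay holds only ciphertext plus the sender's signature over it.
    c = encrypt(RECIPIENT["n"], body)
    return c, sign(SENDER, c)

def recipient_opens(c, sig):
    if not verify(SENDER["n"], c, sig):
        raise ValueError("signature check failed: altered in transit or wrong sender")
    return decrypt(RECIPIENT, c)

if __name__ == "__main__":
    c, sig = relay_sees_end_to_end(BODY)
    print("TLS-only relay sees:  ", relay_sees_tls_only(BODY))
    print("End-to-end relay sees:", hex(c)[:40], "...")
    print("Recipient reads:      ", recipient_opens(c, sig))
```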
