Ian Grigg wrote:
the dissident and his life.... E.g., ... $2m per dissident.
Eh, sorry, $2m for a life?
Which part are you questioning? My convenient number, my low/high estimate, or my temerity in placing a value on a life? For the first two, pick your own number. For the last, this is standard risk analysis - convert all assets to dollar values and convert.
You could argue that dissidents should use PGP.
In the context of this maillist, I'd not argue anything about dissidents, other than they are special customers with special needs, and they should look after themselves, because a generic offering like Mozilla products, as distributed in standard form, is unlikely to be good enough. This is no problem, they generally know this, because they also worked out long ago that their life is on the line, and they have to take care.
(Outside this maillist - they need hardware as well, and custom installs.)
> But then, as I outlined,
we are not just talking about dissidents, but about husband<->wife or anybody having anything *really* private in email, and that's almost anybody or at least 20% of the userbase. The value of privacy can't be expressed in dollars.
Well, that would be *another* group of users.
And herein lies one of the big difficulties in the security model for browsing: the group of users includes lots of diverse users and lots of diverse needs. Also, we (being the people on the build side) don't have enough of a clue to be able to say "we know what our users are doing, and we know what they want."
Husband/wife? That can be covered with 40 bit ADH, in general. Lawyers sending client-conf- idential docs back and forth over the open net: that's something I'd prefer myself to see done in at least DES (56bit) or better. Just IMHO.
All of these "anybodys" that we can list will be substantially benefitted by something as boring as 40bit with ADH or "any old key swapping" protocol. The fact that they can get better for no cost is a bonus of some value. The fact that they can get something even better but pay money for it is something only they should be asked to decide.
The NSA is (as far as we know) defeated completely by unauthenticated crypto techniques such as self-signed certs
haha.
In eavesdropping terms, I mean. That's the current understanding. Now, curiously, even if it is not true, we are still protected, as they would save any secret tricks (such as being able to breach ADH or RSA) they know for real high value targets. The last thing they want is open speculation of how they got the info, because they don't want real enemies to figure it out. This is the Enigma dilemma.
Until it decides to take special action against a particular target
...which is when things get interesting...
Right. Then we have the competing key distribution models (CA, opportunistic, WoT, other media, etc). But this is a really small proportion of the total user base.
any of a half dozen basic crypto techniques will give complete privacy.
"As long as nobody cares to listen, you have complete privacy." Surely true, but not very satisfactionary.
Well, true, and that's what the open internet is. Nobody much cares to listen, and for the most part, the whole world gets by without worrying about it. Same for the telephone.
Then you get the passive listeners.
And finally, you get the active attackers.
Echelon
BTW: A good source for information about that is the special in Telepolis, I think it was actually the magazine which brought all this into public, esp. Christiane Schulzki Haddouti. Unfortunately most of it is in German.
<http://translate.google.com/translate?hl=en&sl=de&u=http://www.heise.de/tp/deutsch/special/ech/>
We owe a debt of gratitude to the Germans for taking up the flame against echelon with gpg!
iang _______________________________________________ mozilla-crypto mailing list [EMAIL PROTECTED] http://mail.mozilla.org/listinfo/mozilla-crypto
