--- Martin Fick <[EMAIL PROTECTED]> wrote: > --- Michael Holstein <[EMAIL PROTECTED]> > wrote: > > > > My thought on Java was to be able to > > automate the key scheme within the > > browser, versus requiring them download > > a .gz.gpg file and decrypt it on their > > own. A (sort-of) working example of > > this is how HushMail does it (using > > Java to code the PGP stuff). > > Forgive me for not understanding, but > what prevents HushMail from decoding > the messages?
Ah, from HushMail themselves: https://www.hushmail.com/hushmail/showHelpFile.php?file=compatibility/java/index.html "Attacker controls webserver while you are accessing your email With Java: Not protected, but evidence of the attack will remain on your computer Without Java: Not protected, no evidence of attack on your computer" Seems pretty untrustworthy to me. There is a hidden messaging/mail service in torland which should be more trustworthy than HushMail, but, of course, I don't think that it is integrated with the browser like I would like. -Martin ____________________________________________________________________________________ Looking for last minute shopping deals? Find them fast with Yahoo! Search. http://tools.search.yahoo.com/newsearch/category.php?category=shopping
