Ed Gerck wrote:
Ben Laurie wrote:
Ed Gerck wrote:
If the recipient cannot in good faith detect a key-access ware, or a
GAK-ware, or a Trojan, or a bug, why would a complete background
check of the recipient help?
Let's assume for a moment that a solution exists that satisfies your
requirements.
Ben Laurie wrote:
Ed Gerck wrote:
If the recipient cannot in good faith detect a key-access ware, or a
GAK-ware, or a Trojan, or a bug, why would a complete background
check of the recipient help?
Let's assume for a moment that a solution exists that satisfies your
requirements. Since the
Anne Lynn Wheeler wrote:
At 12:53 PM 9/16/2004, Ed Gerck wrote:
If the recipient cannot in good faith detect a key-access ware, or a
GAK-ware, or a Trojan, or a bug, why would a complete background
check of the recipient help?
a complete audit and background check ... would include an audit of
On Thu, Sep 16, 2004 at 06:12:48PM +0100, Ian Grigg wrote:
| Adam Shostack wrote:
| Given our failure to deploy PKC in any meaningful way*, I think that
| systems like Voltage, and the new PGP Universal are great.
|
| I think the consensus from debate back last year on
| this group when Voltage
At 10:19 PM 9/15/2004, Ed Gerck wrote:
Yes, PKC provides a workable solution for key distribution... when you
look at servers. For email, the PKC solution is not workable (hasn't been)
and gives a false impression of security. For example, the sender has no
way of knowing if the recipient's key is
Adam Shostack wrote:
On Thu, Sep 16, 2004 at 12:05:57PM -0700, Ed Gerck wrote:
| Adam Shostack wrote:
|
| I think the consensus from debate back last year on
| this group when Voltage first surfaced was that it
| didn't do anything that couldn't be done with PGP,
| and added more risks to boot.
|
At 05:35 PM 9/16/2004, Adam Shostack wrote:
Generate a key for [EMAIL PROTECTED] encrypt mail to
Bob to that key. When Bob shows up, decrypt and send over ssl.
note there is still the issue of knowing it is bob ... whether before the
transmission or after the transmission and, in fact, the
On Thu, Sep 16, 2004 at 04:57:39PM -0700, Bill Stewart wrote:
At 10:19 PM 9/15/2004, Ed Gerck wrote:
Yes, PKC provides a workable solution for key distribution... when you
look at servers. For email, the PKC solution is not workable (hasn't been)
and gives a false impression of security. For
lrk wrote:
Perhaps it is time to define an e-mail definition of crypto to keep the
postman from reading the postcards. That should be easy enough to
implement for the average user and provide some degree of privacy for
their mail. Call it envelopes rather than crypto. Real security
requires more
Bill Stewart wrote:
At 10:19 PM 9/15/2004, Ed Gerck wrote:
Yes, PKC provides a workable solution for key distribution... when you
look at servers. For email, the PKC solution is not workable (hasn't been)
and gives a false impression of security. For example, the sender has no
way of knowing if
To: [EMAIL PROTECTED]
Subject: public-key: the wrong model for email?
[Perry: please use this version, if possible]
Public-key cryptography burdens the recipient and puts the
recipient in charge, while the sender is at the recipient's
mercy. Is this the right model for email security? After all
Anne Lynn Wheeler wrote:
PGP allows that a relying party vet a public key with the key owner
and/or vet the key with one or more others (web-of-trust)
note that while public key alleviates the requirement that a key be
distributed with secrecy ... it doesn't eliminate the requirement that
the
Given our failure to deploy PKC in any meaningful way*, I think that
systems like Voltage, and the new PGP Universal are great.
* I don't see Verisign's web server tax as meaningful; they accept no
liability, and numerous companies foist you off to unrelated domains.
We could get roughly the same
At 11:19 PM 9/15/2004, Ed Gerck wrote:
Yes, PKC provides a workable solution for key distribution... when you
look at servers. For email, the PKC solution is not workable (hasn't been)
and gives a false impression of security. For example, the sender has no
way of knowing if the recipient's key is
Adam Shostack wrote:
Given our failure to deploy PKC in any meaningful way*, I think that
systems like Voltage, and the new PGP Universal are great.
I think the consensus from debate back last year on
this group when Voltage first surfaced was that it
didn't do anything that couldn't be done with
Anne Lynn Wheeler wrote:
the issue then is what level do you trust the recipient, what is the
threat model, and what are the countermeasures.
if there is a general trust issue with the recipient (not just their key
generating capability) ... then a classified document compromise could
happen
Adam Shostack wrote:
I think the consensus from debate back last year on
this group when Voltage first surfaced was that it
didn't do anything that couldn't be done with PGP,
and added more risks to boot.
Voltage actually does. It allows secure communication
without pre-registering the recipient.
At 12:39 PM 9/15/2004, Ed Gerck wrote:
[1] Public-key cryptography gives the impression that email message
security can be achieved quite simply. The public-key can be distributed
at will, no need for secrecy, and anyone can receive private and secure
messages. The same procedure being
18 matches