Re: [offtopic?] RE: Encryption (was: Open letter)
True -- but that would require the countries the software manufacturers do business in to relax their export regs. and allow for open encryption hooks in their tools. Dave Sill wrote: > >It's not even this complicated with 6.5. You click on the window whose text > >you want to encrypt, click on the try icon, and click "encrypt window" (or > >something like that). PGP automatically does the copying and pasting for you. > > Still too hard. The way it *should* work is that I click "Send", a > pop-up asks me for my pasword, and the message is sent signed and > encrypted.
Re: [offtopic?] RE: Encryption (was: Open letter)
Adam McKenna <[EMAIL PROTECTED]> wrote: >On Mon, Jul 31, 2000 at 06:04:12PM -0400, Michael T. Babcock wrote: >> Use any version of PGP or "PGP for Windows" and use the clipboard encryption >> features: >> 1) select all text (Ctrl-A) >> 2) "copy" (Ctrl-C) >> 3) click on PGP tray icon >> 4) click "sign & encrypt" >> 5) enter password >> 6) click window of program with selected text >> 7) "paste" (Ctrl-V) (replacing original with encrypted + signed cipher-text) > >It's not even this complicated with 6.5. You click on the window whose text >you want to encrypt, click on the try icon, and click "encrypt window" (or >something like that). PGP automatically does the copying and pasting for you. Still too hard. The way it *should* work is that I click "Send", a pop-up asks me for my pasword, and the message is sent signed and enrypted. -Dave
RE: [offtopic?] RE: Encryption (was: Open letter)
most recent PGP for windows install worked fine on win2k for me. Put it on last week. Jacob -Original Message- From: Ihnen, David [mailto:[EMAIL PROTECTED]] Sent: Monday, July 31, 2000 3:16 PM To: '[EMAIL PROTECTED]'; Ihnen, David Cc: '[EMAIL PROTECTED]' Subject: RE: [offtopic?] RE: Encryption (was: Open letter) Original Message From: Michael T. Babcock on Monday, July 31, 2000 3:04 PM >> I would be signing my messages pgp, if I could, but I haven't gotten ahold >> of PGP 7 yet... and the earlier versions don't work on 2000. > >Use any version of PGP or "PGP for Windows" and use the clipboard encryption >features: >1) select all text (Ctrl-A) >2) "copy" (Ctrl-C) >3) click on PGP tray icon >4) click "sign & encrypt" >5) enter password >6) click window of program with selected text >7) "paste" (Ctrl-V) (replacing original with encrypted + signed cipher-text) Maybe you didn't understand what I said... I can't even INSTALL the current pgp for windows. It don't work. Installer doesn't run. David
RE: [offtopic?] RE: Encryption (was: Open letter)
Original Message From: Michael T. Babcock on Monday, July 31, 2000 3:04 PM >> I would be signing my messages pgp, if I could, but I haven't gotten ahold >> of PGP 7 yet... and the earlier versions don't work on 2000. > >Use any version of PGP or "PGP for Windows" and use the clipboard encryption >features: >1) select all text (Ctrl-A) >2) "copy" (Ctrl-C) >3) click on PGP tray icon >4) click "sign & encrypt" >5) enter password >6) click window of program with selected text >7) "paste" (Ctrl-V) (replacing original with encrypted + signed cipher-text) Maybe you didn't understand what I said... I can't even INSTALL the current pgp for windows. It don't work. Installer doesn't run. David
Re: [offtopic?] RE: Encryption (was: Open letter)
On Mon, Jul 31, 2000 at 06:04:12PM -0400, Michael T. Babcock wrote: > Use any version of PGP or "PGP for Windows" and use the clipboard encryption > features: > 1) select all text (Ctrl-A) > 2) "copy" (Ctrl-C) > 3) click on PGP tray icon > 4) click "sign & encrypt" > 5) enter password > 6) click window of program with selected text > 7) "paste" (Ctrl-V) (replacing original with encrypted + signed cipher-text) It's not even this complicated with 6.5. You click on the window whose text you want to encrypt, click on the try icon, and click "encrypt window" (or something like that). PGP automatically does the copying and pasting for you. --Adam
Re: [offtopic?] RE: Encryption (was: Open letter)
Potentially long, off-topic message: (follow-ups and/or flames probably best kept private :) "Ihnen, David" wrote: > Would you consider PGP more than a low-effort? It would be zero effort if > we weren't concerned about the privacy of our own secret keys, thus keeping > them encrypted behind passwords. Personally? Using PGP is very low-effort for me. Typing my 25+ character passphrase has become reflexive. I've run a site re: PGP use since my first website in 1993 or so, so I'm probably not a good test-case. :-) > Maybe an extra-low-effort system would consist of a simply speaking a > keyword into a microphone, and using voiceprint authentication to decrypt > the secret keys. Fortunately almost all computers have the ability to read > in decent quality audio. Sending to particular people is no effort - the > public key aquisition can be automated. I saw some very interesting matrix-mapping software back in 1994 and 1995 for DOS that converted individual words (expandable to phrases) into vectors (stored as matrices) that could easily be compared against a stored file for each person. The idea was to do the "opposite" of voice-to-text recognition software and store the portion of audio that is unique for each user instead of using primarily the part that is similar. > Its interesting to think of the change in load on list servers. Would you > encrypt to the list server, who then decrypts and re-encrypts for each > client, or would there be a collaborative key for the list that everybody > had the secret to and could decrypt? More probably we would just > cleartext-sign the messages for source authentication, for backwards > compatibility, I suspect. Assuming, like the original 'open letter' poster, that you don't want others to snoop on the messages (but their being a subscriber to the list is "okay"), then you'd want a public key for the mailing list that all messages are encrypted to. The mailing list would decrypt the session key for the message (PGP only requires using CPU intensive P.K. cryptography to sign a session key). It would then re-encrypt the session key (effectively, the message) to the public keys of each of the recipients on the list. (It would not need to necessarily verify the sender's signature, to avoid decrypting messages at all). The sender's signature (if used) would be intact in the encrypted message and each person would be able to verify for themselves that that user had sent 'them' the message in question. The CPU intensive portion would be encrypting the session keys to everyone on the list. Assuming the old PGP protocol, that would mean doing 1024 (or more) bit RSA on a 128 bit session key (16 bytes). > Either way, it can be zero-effort for the people generating the e-mail, > outside of authenticating your personal secret key, though accepting the > e-mail has the same effort problems. > > I would be signing my messages pgp, if I could, but I haven't gotten ahold > of PGP 7 yet... and the earlier versions don't work on 2000. Use any version of PGP or "PGP for Windows" and use the clipboard encryption features: 1) select all text (Ctrl-A) 2) "copy" (Ctrl-C) 3) click on PGP tray icon 4) click "sign & encrypt" 5) enter password 6) click window of program with selected text 7) "paste" (Ctrl-V) (replacing original with encrypted + signed cipher-text)