[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

No Subject

To: [email protected]
From: Eric Hughes <[email protected]>
Date: Tue, 1 Jun 93 09:14:58 -0700
In-Reply-To: Anonymous's message of Mon, 31 May 1993 22:27:01 -0700 <199306010527.AA00963@xtropia>

>This means that the pass phrase [for the remailer secret key] has to
>exist, in the clear, in the scripts which implement the remailer.

Currently that is the easiest way, to be sure.  Another way would be
to store the passphrase encrypted in a file so that at least it's not
findable with strings(1).  Here a quick hack for someone who's looking
for a project: a passphrase storage process which accepts requests
from a slightly modified PGP.

Hal's basic point, however is not mitigated.  Nothing is secure from a
clever root.

>Perhaps Karl could add a notation in his
>remailer lists about which machines are public and which are private.  

An excellent suggestion.

Eric

Prev by Date: Crypto anarchy in a VW? (not the bug)
Next by Date: Crypto anarchy in a VW? (not the bug)
Prev by thread: Re: Software infrastructure
Next by thread: No Subject
Index(es):
- Date
- Thread