[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Software infrastructure



-----BEGIN PGP SIGNED MESSAGE-----

Subject: Software infrastructure

I like Eric's idea of a terminal program which can support encryption
easily.  Here are some thoughts.

As Eric indicates, the issue is not so much building encryption into the
program but rather of having _hooks_ by which extra functionality can be
added.  Encryption should be just one capability.  Another might be to
automatically drop into a stand-alone zmodem package like dsz or gsz
so we don't have to re-implement zmodem ourselves.

We had some related discussion on this last year when we were talking
about the "crypto dongle".  This was going to be a black box which
would sit on the serial line between your PC and modem (or terminal and
host computer) and would do encryption/decryption as the characters
passed through it.

Doing it in the terminal program, I could envision a hook which watched
constantly for particular strings to be received from the host, like
"-----BEGIN PGP MESSAGE-----".  Several such watchdogs could be active
at once.  When one of them matches, it fires off a program.  Or perhaps
it just starts logging the incoming data to a file, and when it matches
another string it fires a program.  A simple scripting language could
control these activities.

The result would be that when you receive an encrypted message, you
just list it out to your terminal and then, automatically, PGP fires up
and asks you for your pass phrase (unless you SET it ahead of time in
the PC's environment).  It then displays the message for you.

This simple model has several deficiencies.  When I log into a Unix system,
or Compuserve, or Portal's "Online" service, and read my mail, it is often
shown to me a page at a time.  This is so that I can read long messages
more easily.  Then after each message I can delete it, save it, reply to
it, etc.  If I do reply or if I want to create a new message it will drop
me into a text editor to compose the message.

The result is that the mail program you are running on the host computer
may do some munging on the PGP message, like inserting "Press RETURN for
next page" or perhaps some terminal control characters.  These would have
to be filtered out before PGP could run on the file, or you would have to
be able to suppress them when you read this message.

Also, assuming we could capture the message and run PGP on it automatically,
the resulting decrypted message will have to be saved and given a file
name.  Then if the user wants to reply to it he is going to have to leave
his terminal and run an editor.  (At least, that's what I have to do now.)

Plus, this only deals with the message-receiving problem, not the sending
problem.

I'm not sure what the solution is.  Maybe the PC program needs to be more
than a terminal program, and become more of a whole mail-processing
program.  Maybe you should just download your mail file en masse from the
host to your PC, pre-process it to replace (in place) the incoming encrypted
messages with plaintext versions (annotated to show validated signatures),
then run a PC program which will display one message at a time, let you
reply, save, etc.  This way the decryptions are done before you even look
at the mail file and incoming encrypted mail is treated on a first class
basis (the same as other mail).

Then for outgoing mail you'd like to be able to drop into a user-defined
editor which is run with a command line causing his file to be saved to
some temp file name.  Then we can automatically encrypt the outgoing mail
for him based on the destination, add a remailer chain if requested, etc.  
Then he gives a command and all his replies and new mail are uploaded and
sent.

This would be pretty tough to do since there are so many different ways
of sending and receiving mail on host computers.  This would again have
to be a customizable part of the program, where we could provide modules
to deal with the common cases of Unix running "mail", elm, mh, etc., and
perhaps some of the commercial services.  BBS's would ideally be handled
as well.  Hackers could contribute scripts for supporting their favorite
mail system.

I don't know anything about SLIP, or POP, or any other fancy ways of
hooking a PC up to a workstation.  I just use it as a terminal.  Would
these other protocols help solve the problems above, problems of how
we marry an encryption program which must run on the PC with mail-handling
programs which run on another computer?

Hal Finney
[email protected]

-----BEGIN PGP SIGNATURE-----
Version: 2.2

iQCVAgUBLAwkEagTA69YIUw3AQEuxQQAjeC/gwPHkLQZ0IladVRxiRdgARdE7ziu
WWdmsHpaZ2tlq8wAXpSFbMpSZ3MS1U1TT/c/wB2DJOCuWkhs2y6WYoZiqrHz3hjA
JyBSkpM1F3dYcZ8MchrjLZsur9KwXe0mIvM7VMu2Fdq+sMMgNwzEzqJoWhulAsnl
weuBaeOjv7k=
=zEUv
-----END PGP SIGNATURE-----