[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

PGP misunderstanding




Hi Hal & others, this is Strata, author of the Virtual City (tm) 
Network "faq" (which raises more questions than it answers, rev 1.1 will 
be more customarily faq-like.)   Someone forwarded me your posting re
the faq and I thought I would take a moment to reply.  Please direct
any correspondence to me directly, I am only on cypherpunks-announce
and not the list itself.

I had a misunderstanding about the PGP key servers, not
realizing they existed to register your keys with and not to generate them. 
I have planned from the beginning to include serious privacy technology in
the Virtual City, up to and including objects in the master database which
can only be decrypted at runtime by those who have keys for them.  I have
been talking with Hugh Daniel about making his ideas on NYM's an integral
part of the infrastructure and plan to include Digital Cash as soon as a
version is ready to go.  I was at today's Cypherpunks meeting to get
more info on PGP and discuss details of the infrastructure with folks.
I will be posting a slightly revised 1.0.1 faq which corrects some
minor mistakes and also gives correct info about PGP key generation in
detail.

I will be writing up details of how I am thinking of implementing
some of the privacy structure mentioned in the faq and above
and posting it here for people to shoot at.  I am very interested in
doing this "right".   In the last 48 hours since I posted the faq
a number of messages from folks asking how they can get a public key, so I
want to head them in the right direction.  If I were to admit something
seditious in public, which I  never do, I might say that one of my many goals
for the Virtual City (tm) Network was to get Joe & Jane Undergrad or
Salaryperson casually using privacy tech in a matter of fact way-- they'll
use it to protect their identity and privacy in the VC environment and to
perform commercial transactions online.  

I think that people are not using the privacy tech that's out there
simply because they feel they have no compelling reason to do so.  If
people start needing to use it to get at things they think are
interesting or cool they will become familiar with the use of the tech
and begin to use it casually elsewhere.  That would seem to be the Right
Thing.

To spread usage out beyond Virtual City (tm) Network, 
I've also been thinking that later on when the service is established I
should start an encrypted "vcn" news hierarchy.  This will get randoms 
using PGP to read the news feed. I'm not familiar enough with the most
recent news control mechanisms to feel certain that I can somehow
"bounce" cleartext posts to these groups, I might have to make it
unidirectional and gatewayed solely through a hacked mail filter that
requires encrypted text.  My worry is that sites that
do satellite feeds might balk at carrying it, thinking it might violate some
FCC regs about non-cleartext data over public airwaves.  They might be right,
I need to learn more about possible legal ramifications before doing that.

Cheerfully educable,
_Strata

PS- I will support folks choosing their own encryption on data envelopes, but
after seeing Arthur's presentation today I think I'd better make it
abundantly clear that we can in no way be held liable if they insist on DES

M. Strata Rose
Unix & Network Consultant, SysAdmin & Internet Information 
Virtual City (TM) Network
[email protected] | [email protected] | [email protected]