[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: your mail
>
> An interesting idea, although highly unpracticable. Sending a binary
> is nearly impossible. As an example, I have at my disposal (and I log
> into regularly) at least 6 different platforms. All Unix, but each
> one would require its own binary!
Although I'm still uncomfortable about the non-crypto user key, there is
a simple solution to the problem of executable/data transmission:
Send it as Perl, Postscript, Tcl, whatever.
Perl should be able to handle an encode (7 bit) data stream with a
program prepended. The algorithm would be more obvious, but
technically no more secure if you disallow security-through-obscurity.
Perl is available almost everywhere, is reasonably fast, has a
comprehensive capability list, etc.
> This doesn't mean that your idea has no merit. On the other hand, it
> is an interesting key distribution model. Except there are a number
> of problems that I can see. First, anything you know about the person
> is something that someone else could probably do a little research and
> find out as well. This inherently means it is not a very secure
> channel, rather it is only moderately secure.
This is what I think is rough.
> Also, there is no way to meet your goal of "no external binary
> needed." There may be a few things you can do in lieu of this, but
> all of them require some knowledge of the recipient hardware system.
> But in a case such as mine, even that wouldn't help (do you send it
> for an RT, Vax, Decmips, RS6000, Alpha, Linux, Sun386i, Next, ...?)
Perl...
> Like I said, its an interesting key distribution model, but I do not
> see any way to realize it under your assumptions.
>
> -derek
sdw
--
Stephen D. Williams Local Internet Gateway Co.; SDW Systems 513 496-5223APager
LIG dev./sales Internet: [email protected] [email protected]
OO R&D Source Dist. By Horse: 2464 Rosina Dr., Miamisburg, OH 45342-6430
Comm. Consulting ICBM: 39 34N 85 15W I love it when a plan comes together