[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

re:using PGP only for digital signatures



At 04:12 PM 11/4/95 -0500, James Black <[email protected]> wrote:
>Hello,
>  I am in a discussion (during the week) with a system administrator 
>about seeing if we can just make PGP publically available to everyone, 
>but now the discussion seems to be to just allow PGP to do digital 
>signatures, and I don't think that is the best choice, then.  They are 
>not against PGP being used, but there are legal issues as to whether they 
>can offer it to everyone, as some students are international students, 
>and are not allowed to use the version for the US, or so I have been 
>informed, so now I need to see if we can have the international version, 
>so these students can use it. :(
>  Is there any good programs (for the Unix, SunOS) that just does digital 
>signature encryption?  What they are trying to do is make certain that no 
>one can send a message to anyone, claim to be in the faculty, and cause 
>problems that way.  My position is just a student programmer, but I am 
>trying to learn as much as I can, to answer questions and deal with problems.

Yeah, there's RIPEM-SIG, which is approved for export so you can even give it
to your non-Yankee students, and it's compatible with the RIPEM secure email
stuff.
So your US students, and anyone else who wants to download the software from
England, can send secure email, and everybody can check the signatures.
I'm not sure if RIPEM-SIG has caught up with the features in the latest
versions of RIPEM, which include an X.509 variant on Web of Trust.

Somebody else has brought up the insecurity of using security software
on multi-user machines, where the system administrator or anybody who cracks
root can steal your passphrases and even replace the trustable software with
trojan-horse versions; your students will be safer if they only trust stuff
running on PCs from software they've verified themselves.  But you can at least
do signature-checking safely on a multi-user machine if the software is
protected adequately.
#---
#                                       Thanks;  Bill
# Bill Stewart, Freelance Information Architect, [email protected]
# Phone +1-510-247-0664 Pager/Voicemail 1-408-787-1281
#---