[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: key for Alice as promised (not)
-----BEGIN PGP SIGNED MESSAGE-----
Hello Jon Lasser <[email protected]>
and [email protected] (jim bell)
and [email protected]
jim bell wrote:
> >On Tue, 28 Nov 1995, Adam Hupp wrote:
One reason why Alice might not want to use PGP would be that posession
of the secret key would be ipso facto evidence that he is Alice.
> spoofed, HE WILL KNOW because he will see a message with his signature that
> HE KNOWS he didn't send. At that point, he will at least be able to reduce
> the number of spoofed messages to 1 before he alerts us that there is a
> problem. We won't necessarily know who to believe, of course, but we will
Who to believe: at that stage, Alice will simply cease to exist.
The key will be revoked and Alice will be no more. A new Alice may
or may not arise, but no-one will know if it's the same one.
If Alice is afraid of loss of identity (as if he had one now),
he could have a permanent key at home (where he does his OTP work),
and on his e-mail machine have only a temporary key. When the key
on the public machine is compromised, it is revoked and a new one
(The same can be done with real-name keys, BTW; viz my own key.)
> 3. Somebody found out how to break 1024-bit PGP keys easily. (Very
> unlikely, of course.)
In this case I think we are all stuffed.
If you want an answer, please mail to <[email protected]>.
On sweeney, I may delete without reading!
PGP 463A14D5 (but it's at home so it'll take a day or two)
PGP EF0607F9 (but it's at uni so don't rely on it too much)
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----