[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Secure key exchange

To: [email protected]
Subject: Secure key exchange
From: [email protected] (Perry E. Metzger)
Date: Mon, 30 Nov 92 13:06:01 EST
Cc: [email protected]
In-Reply-To: Eric Hughes's message of Mon, 30 Nov 92 09:21:39 -0800 <[email protected]>
Reply-To: [email protected]

>From: Eric Hughes <[email protected]>

>>There is no secure method of exchanging public keys using only the
>>net.  [spoofing, etc.]

>As mentioned by Hal, the new PGP 2.1 (imminent) has a feature to
>create an hash or a public key which can be read over the telephone to
>make sure that a key transmitted electronically has not been altered
>in transmission.

Just to point out, though, this is not foolproof. A good impressionist
can fool people, especially if they are extremely skilled. A person
with Rich Little's or Peter Sellers' level of skill can sound
astonishingly like the original person (although a sound spectrograph
isn't fooled, other humans can be).

Perry

References:
- Secure key exchange
  - From: Eric Hughes <[email protected]>

Prev by Date: My key policy signed.
Next by Date: Re: Classified info and other stuff.
Prev by thread: Secure key exchange
Next by thread: Re: Secure key exchange
Index(es):
- Date
- Thread