[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Secure voice software issues



In article <[email protected]> [email protected] writes:
 > Voice calls are different, as the availability of a two-way path lets
 > you do things much more securely. If you generate a session key with
 > DH and use PGP/RSA *only to sign the exchanges*, not to encrypt the
 > session key, then even if your RSA secret key is later compromised, it
 > would not compromise those session keys that had already been created,
 > used and destroyed.

Thanks for that explanation, that bit hadn't sunk in with me!

This makes me think... something similar would be a good extension to
SMTP wouldn't it?  DH exchange of keys before sending point to point
mail?  With the user's public keys being picked up via their .mailrc
or .pgpkey or something...

(It would only happen if both SMTP's supported it and both users had
made their public key available to the mail system)

I'm thinking of ways of automatically and easily encoding all traffic
by default, to avoid line snooping.  I'm not suggesting this as an
alternative to explicitly encrypting things you want to keep private.
You could still do that too.

G
===
Personal mail to [email protected] (I read it in the evenings)
Business mail to [email protected] (Be careful with the spelling!)
Faxes to An Teallach Limited: 031 662 4678  Voice: 031 668 1550 x212