[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Message Havens



> 	Seems to me that you should also have all of the messages to you 
> collated into one block, have some random length padding added, and then 
> encrypt the whole thing and send it back to you. If you have this all 
> done automatically by the server at the haven, then you may not even need 
> to call all of those random other messages down. That is, assuming you 
> trust the sysadmin of that haven, which is probably not the best of ideas.
The only problem I see here is that it requires the message haven
know your public key.  All sorts of man-in-the-middle attacks become
possible here.  I don't know that I'd trust a machine to do an intellegent
web-of-trust; it can't actually meet people at a conference and swap cards.