Re: totally secure email?

[khijol!erc (Ed Carp [Sysadmin])]

-----BEGIN PGP SIGNED MESSAGE-----

> 1) Your sysadmin can assuredly get around this too if he wants, and get
> at your mail even before procmail does. As a general rule of thumb, the
> sysadmin can do anything. But getting aroudn this would definitely be more
> dificult then simply reading your /spool/mail file. 

True, but I don't know if he'd think of this one...

> 2) You obviously don't want to leave your private key in your unix
> account, as the sysadmin could just use it to decrypt all your mail
> and read it. Obvious of course, but sometimes it's easy to overlook the
> obvious.

I'm curious - all the stuff that comes with PGP says to not let your secret
key /pass phrase out of your sight, but why is it necessary to guard your
secret key so carefully?  After all, you have to type your pass phrase to
use the secret key, so without the pass phrase, the secret key is useless,
isn't it?  I mean, besides just destroying it...

> Of course the best solution would be to have your correspondents send you
> PGP encrypted mail, but I guess the best solution isn't always available.

Well, that's already happening, but it's hard to stop someone from dropping
a piece of email in your mailbox saying, "xxx gave me your resume, and it
looks good.  Can we talk?"
- -- 
Ed Carp, N7EKG/VE3	ecarp@netcom.com, Ed.Carp@linux.org

"What's the sense of trying hard to find your dreams without someone to share
it with, tell me, what does it mean?"        -- Whitney Houston, "Run To You"

-----BEGIN PGP SIGNATURE-----
Version: 2.6

iQCVAgUBLgNiKCS9AwzY9LDxAQEKsAP7BXrjLGdocYRalC6A/aa1Qoa+U3sPBEGv
PI55xfBPhJ5EVWUHWxYRCB8a4nXTw41teuoBY2e40zmeVNtF+syrn1APntnq1pif
CpxMc4WrGQw58rteDrzOysrwrXLsh/oxErrCQ8fEvMXKCe5uXMCHLa+cb6DHq+D0
poizF1fFlrU=
=YYf6
-----END PGP SIGNATURE-----