[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Zimmermann/NSA debate postponed




> It may very well be that he only signs messages to `public' forums or
> that he only signs things when he considers the message to be more
> important than normal, however, the majority of the messages that he
> has sent out to cypherpunks, alt.security.pgp, etc. in, say, the last

I don't think this is the case. Most PRZ messages I've seen have been
unsigned; only the recent ones on the PGP 2.6 business have been signed.

I use MacPGP on my home Mac...I don't trust Netcom or any other system
outside my direct control for this. I figure if it's worth signing,
it's worth signing with a secure key, not just a "casual grade" key
(this is the term used by Jay P.P. and others for crypto on unsecured
machines...this involves having more than one public key, etc.).

(This is the main answer to Ed Carp's suggestion about PGP in elm.)

> Hmmmm.  FWIW, it typically requires two keystrokes for me to do any of
> the half dozen PGP operations that I do most often.  I've heard of at
> least three other emacs-based interfaces for simplifying PGP
> interaction and there seem to be quite a few other `helper' packages
> around for other email environments.

See above. I'm not interested in the various elm and emacs PGP
packages. Any sysop can not only obtain your secret key, stored on his
system, but he can also capture your passphrase as you feed it to the
PGP program (assuming you do...many people automate this part as
well).

Since this sysop or one of his cronies can then compromise your mail,
sign messages and contract as "you," I consider this totally
unacceptable. Others apparently don't.

> regardless of the content.  In any case, I find it quite disappointing
> to hear that one of the cypherpunks founders frowns on people actually
> using strong crypto on a routine basis.  Sigh...

"Sigh."

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
[email protected]       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."