[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: premail.



[email protected] (Igor Chudov @ home) wrote:
> Anonymous wrote:
> > 
> > A scenario:
> > 
> > 1) The spooks put a bug (named Eve) on the link between
> > kiwi.cs.berkeley.edu and the Internet.
> 
> ......
> 
> A good scenario. A truly paranoid premail users should verify who signed
> the remailer keys. If you trust the signators and they signed the keys, 
> you are "safe". Just do pgp -kvv [email protected] and see what comes up.
> 
> Maybe remailer operators should asks someone reputable to sign their
> remailers' keys so that the users can easily verify the signatures.

	Yes, that is one part of it. Another part is that Raph should
include a public PGP key in the premail program and then sign both the
remailer-list and the pubring at kiwi.cs.berkeley.edu with it. The public
key included in premail should be

1) Used to sign the premail distribution itself.
2) Emailed to various mailing lists such as cypherpunks and also mirrored
at various internet sites, so it cannot be spoofed by spooks.