[44131] in Cypherpunks

home help back first fref pref prev next nref lref last post

Re: key for Alice as promised (not)

daemon@ATHENA.MIT.EDU (Adam Shostack)
Wed Nov 29 10:59:32 1995

From: Adam Shostack <adam@homeport.org>
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Date: Wed, 29 Nov 1995 10:58:38 -0500 (EST)

> > >Can you imagine??  I'm simply not willing to fool myself into thinking 
> > >that I ahve security by posting a key and using PGP.
> > 
> > Unless you can post some proof that PGP is insecure, stop insisting it is.
> 
> PGP is really not the issue.  The issue is more my security and the
> environment that I use PGP in.  I don't have a trusted machine to run PGP
> on.  Anyone who wants to can come up to machine and copy my secret keyring
> or they can even watch me typing my password in. 

	Threat, please??  Do people often stand over your shoulder as
you type?  Enter your office, point guns at you, and take a backup of
your entire computer?  Have you considered putting the secret keyring
on a floppy and locking it in your desk/safe when you're not actually
in the office? (Or home..)

> So, I don't fool myself, and I don't use PGP, except for things like
> exchanging a one-time pad with someone when I've already sent the message
> out across another delivery mechanism, like on a floppy delivered my
> courier. 

	I don't follow.  You're claiming that PGP is good enough to
transfer OTPads, but not good enough to sign pseudononymous messages?

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume


home help back first fref pref prev next nref lref last post