[119112] in Cypherpunks
Re: Worthless Disappearing [Self-Destruct E-mail]
daemon@ATHENA.MIT.EDU (adam@cypherspace.org)
Fri Oct 15 08:49:04 1999
From: adam@cypherspace.org
Date: Fri, 15 Oct 1999 12:58:36 +0100
Message-Id: <199910151158.MAA03310@server.cypherspace.org>
To: gbroiles@netbox.com
CC: amp@pobox.com, cypherpunks@cyberpass.net
In-reply-to: <19991015003412.A19810@ideath.parrhesia.com> (message from Greg
Broiles on Fri, 15 Oct 1999 00:34:13 -0700)
Reply-To: adam@cypherspace.org
Greg writes:
> Amp writes:
> > Why even bother to buy into a service that has this feature when you
> > can't be =sure= that the keys are =really= deleted. The paranoid might
> > say that this could easily be a front for TLA of USGOV to sucker people
> > into a false sense of security.
>
> The service might or might not be worthwhile, depending on your threat
> model - if you're concerned about the US Govt - especially the more
> technically skilled parts of it - you probably need something better
> than what these guys offer.
Consider also that typically there is no forward secrecy at all. You
could use their service just for forward secrecy and tunnel PGP
encrypted mail through it, and have better security than PGP alone.
If their protocol works, I think it is a good idea that someone is at
last doing something with forward secrecy -- no one else is. You can
mix and match forward secrecy and security protocols, they are
relatively independent.
(Well actually ZKS got there first, their mail protocols and anonymous
IP tunnels are forward secret also, and I suspect in a more secure
way.)
Adam