[119112] in Cypherpunks

home help back first fref pref prev next nref lref last post

Re: Worthless Disappearing [Self-Destruct E-mail]

daemon@ATHENA.MIT.EDU (adam@cypherspace.org)
Fri Oct 15 08:49:04 1999

From: adam@cypherspace.org
Date: Fri, 15 Oct 1999 12:58:36 +0100
Message-Id: <199910151158.MAA03310@server.cypherspace.org>
To: gbroiles@netbox.com
CC: amp@pobox.com, cypherpunks@cyberpass.net
In-reply-to: <19991015003412.A19810@ideath.parrhesia.com> (message from Greg
	Broiles on Fri, 15 Oct 1999 00:34:13 -0700)
Reply-To: adam@cypherspace.org


Greg writes:
> Amp writes:
> > Why even bother to buy into a service that has this feature when you
> > can't be =sure= that the keys are =really= deleted. The paranoid might
> > say that this could easily be a front for TLA of USGOV to sucker people
> > into a false sense of security.
> 
> The service might or might not be worthwhile, depending on your threat
> model - if you're concerned about the US Govt - especially the more
> technically skilled parts of it - you probably need something better
> than what these guys offer.

Consider also that typically there is no forward secrecy at all.  You
could use their service just for forward secrecy and tunnel PGP
encrypted mail through it, and have better security than PGP alone.

If their protocol works, I think it is a good idea that someone is at
last doing something with forward secrecy -- no one else is.  You can
mix and match forward secrecy and security protocols, they are
relatively independent.

(Well actually ZKS got there first, their mail protocols and anonymous
IP tunnels are forward secret also, and I suspect in a more secure
way.)

Adam


home help back first fref pref prev next nref lref last post