[700] in Cypherpunks
No subject found in mail header
daemon@ATHENA.MIT.EDU (Eric Hughes)
Tue Jun 1 12:27:59 1993
Date: Tue, 1 Jun 93 09:14:58 -0700
From: Eric Hughes <hughes@soda.berkeley.edu>
To: cypherpunks@toad.com
In-Reply-To: Anonymous's message of Mon, 31 May 1993 22:27:01 -0700 <199306010527.AA00963@xtropia>
>This means that the pass phrase [for the remailer secret key] has to
>exist, in the clear, in the scripts which implement the remailer.
Currently that is the easiest way, to be sure. Another way would be
to store the passphrase encrypted in a file so that at least it's not
findable with strings(1). Here a quick hack for someone who's looking
for a project: a passphrase storage process which accepts requests
from a slightly modified PGP.
Hal's basic point, however is not mitigated. Nothing is secure from a
clever root.
>Perhaps Karl could add a notation in his
>remailer lists about which machines are public and which are private.
An excellent suggestion.
Eric
