From: Ian Hebert Area: Public Key Encryption To: David Chessler 5 May 95 20:36:10 Subject: Re: encrypted messages UpdReq -----BEGIN PGP SIGNED MESSAGE----- - -=> Quoting David Chessler to Jeffrey Bloss <=- [snip] [begin off-topic rant] DC> Why have the expense of having a second keyboard for the drive-ins? DC> The sighted people don't object to Braille, and it makes things easier DC> for maintenance. Unfortunately, braille on the ATM machines has got to be one of the least useful accommodations ever implemented; it looks rather good, but it's essentially useless. Think of it this way--what's the point of putting braille on an ATM if the blind customer can't read the screen, or can't use the various buttons? Remember, the way most ATMs are designed, the buttons change functions as you proceed through a selection of menus and sub-menus. For sighted people this is no problem, as you can see the newly-mapped functions on the screen, but if you can't see the screen? My girlfriend would love to be able to use a bank machine by herself, but braille or no braille, they're still inaccessible. (If you'd like to continue this discussion, perhaps we can move it to Internet mail or Fidonet's Blinktalk or Blindtalk?) [end off-topic rant] Ian Hebert London, Ontario, Canada RIME: HOMEBASE (5508) Fido: 1:2401/114 Internet: ian.hebert@homebase.com PGP Key: 1024 / 077A2F7F 1993/02/11 PGP Key Fingerprint: A2 15 DE 22 DA FE D4 DC 0F 17 43 24 1F F2 1E 7B -----BEGIN PGP SIGNATURE----- Version: 2.6.2i iQCVAwUBL6i11d+oQ+cHei9/AQECPQQAi4VDJb7W32o0CwZKbSRNMwWb8T8H7blC +IT9HbHHCNvaUbino3AvW4uemXDW6296R/Z/SdUpCDO1XDpGXeZFH21cv8WMEASj qGsj+NyOuJaBSmv1qbJ3kYzdK36P0RmMePpGVKaZhQahJt5bLEFd0BPpiHlRvkiK T/hU6s+9s+o= =uag3 -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Jack O'Neill Area: Public Key Encryption To: Christopher Baker 6 May 95 16:07:40 Subject: Freeh calling for ban on PGP? UpdReq -----BEGIN PGP SIGNED MESSAGE----- Hello Christopher, Friday May 05 1995 19:47, Christopher Baker wrote to All: CB> In testimony last week to the Senate Judiciary Committee, FBI CB> Director Louis Freeh expressed concern about the ability of CB> terrorist group members to communicate on the Internet, using CB> encryption technology such as Pretty Good Privacy (PGP). Any group not bright enough to use an assumed name to rent their 'delivery vehicle', a la World Trade Towers, or be aware of security cameras in the area, probably couldn't figure out how to use PGP. CB> "Encryption capabilities available to criminals and terrorists CB> endanger the future usefulness of court-authorized wiretaps," Translation: "Encryption capabilities available to citizens inhibit our ability to monitor the populace." CB> Kennedy held up what he called a "how to manual for the CB> terrorist" that a staff member had downloaded from the Internet, CB> and said, "We know the advantage of the information highway, CB> but there's the darker side, too, we need to be concerned about." Next we'll have Newt holding up a "terrorist manual" obtained from a public library and calls for the closure of libraries. Why do the actions of the followers of Cyril at Alexandria come to mind? Jack Freq PGPKEY for (guess what) my PGP Key. ... I reserve my abuse for lower life forms, like Civil Servants. -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBL6vpgL9heO3mhXfZAQHFxgP/aut5bfK+IXVi6JjHm9pQ9/hztfvtjnWv 8g0RkfHupa77OKTu2emBLzfuz6CVnVZc/9+pucZbJoyFi8dim2FGMbyNxNAf3QFW pX9qQ5v2BD8Y+Qa4FtlqpPajZ8dgvGHJNPsRvDB0/7NafMiEgDzk+0UnedF1oMmc POYnVL2Uu1E= =X4ha -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: John Stephenson Area: Public Key Encryption To: Ian Hebert 5 May 95 18:19:00 Subject: PGPWAVE clock shutoff? UpdReq IH> I've been playing around with PGPWave for a little while now, IH> and I like the program very much. I think it will go a long way to IH> making PGP more acceptable to newbies, who don't like command-line IH> interfaces. I don't think anybody -really- likes command line interfaces except when they want something to happen as quickly as possible. IH> However, there is one feature of the program that I would IH> very much appreciate if you would modify--could you please include some IH> type of toggle switch to turn off the clock? I wish I could. I have lost the source code to PGPWave. Meaning I can't update it any further. To do the changes you wish, I need to rewrite all of PGPWave from scratch. I will however do this, and when I do you can bet I will put in that feature. IH> The reason I'm asking is that my girlfriend would like to use IH> PGPWave, but the clock drives her crazy. She is blind and uses a IH> speech-synthesizer and driver software to access DOS programs, and IH> as long as the clock is on the synthesizer keeps reading the time as the IH> digits change (in other words every digit of every second is IH> announced.) I don't know what to say about this. I wish I can update this - and I -will- in time - it's just I don't have the time at the moment to rewrite PGPWave, but I will over the summer break. - John 201434369420143436942014343694201434369420143436942014343694718 From: Ian Hebert Area: Public Key Encryption To: Jay Banks 5 May 95 20:37:10 Subject: Re: Send/rec PGP Msg's UpdReq -----BEGIN PGP SIGNED MESSAGE----- - -=> Quoting Jay Banks to Ian Hebert <=- IH>TA> -=> Quoting Ian Hebert to Tom Almy <=- IH>TA> IH> Actually, there are two Usenet groups, alt.anonymous and >TA> IH> alt.anonymous.messages. The idea behind these is that people can IH> We would like to get in contact with the person who is > publishing the Operating Thetans of the Church of Scientology via > anonymous remailers. Your name has come to our attention. We have JB> Yeah, I was reading in Boardwatch or something similar, and they JB> had arrested or put a subpena out on the guy who was posting the JB> Scientology material. It seems to catch him they went to the JB> anonymous re-mailer with a warrant and a couple of cops, and the JB> re-mailer service handed over all their records to them. It JB> seems they had the choice of handing over just the records for JB> him, or they would take his equipment and get everybody's records in JB> the process. Some choice. Hi Jay! I haven't seen the Boardwatch article, so I can't comment on it directly, what you've stated above is essentially correct. For the benefit of those unfamiliar with the situation, here's what happened: Briefly, what happened was the Church of Scientology alleged that the materials posted had been stolen from one of their computers, which is a criminal offense, and they had approached the LAPD as a result. LAPD approached Interpol, who in turn approached the Finnish authorities. The Finnish authorities obtained a search warrant and served Julf with it. Julf and his lawyer negotiated with the police, as the Finnish police originally demanded the contents of Julf's entire database, and not just the identity of the offending poster. Fortunately, Julf's lawyer was able to get the police to agree to accept the one anonymous user-id in question. If Julf had refused to hand it over, thepolice would have seized the machine that Penet runs on, and they would have had the entire 200,000 name database. (Whether the Finnish police would have handed over the entire database to the Church of Scientology is a good question, and a chilling one, particularly given the Church's reputation for viciously attacking its critics.) JB> It now makes me think twice about re-mailers, as maybe they JB> aren't so anonymous after all. I disagree--I think that this is an over-reaction. What you have to realize is that there are different types of remailers with differing security features and properties--in other words, you have to become a smart consumer of remailer services. To his credit, Julf has never tried to cover up the various risks associated with using his server; his documentation explains these reasonably well. The biggest single flaw in Penet's design is the hard-coded mapping of anonymous-id to real-id. Homer Smith, who operates a cypherpunk remailer, as stated on alt.privacy.anon-server has said that he feels that Penet's database is a ticking time bomb, just waiting to go off. While Homer's language might be a bit on the colourful side, I don't disagree with his conclusions. So, you might ask, "Why do people still use Penet?" The answer is: "It's simple to use. You don't need to have, or know how to use, PGP. You don't have to know how to create encrypted remailer chains." The price you pay for ease-of-use is a very high one. If you want security, you can use the cypherpunk remailers (particularly ones that don't keep logs), use PGP and use encrypted remailer chains. It's not as easy to use, but it's one hell of a lot more secure. Ian Hebert London, Ontario, Canada RIME: HOMEBASE (5508) Fido: 1:2401/114 Internet: ian.hebert@homebase.com PGP Key: 1024 / 077A2F7F 1993/02/11 PGP Key Fingerprint: A2 15 DE 22 DA FE D4 DC 0F 17 43 24 1F F2 1E 7B -----BEGIN PGP SIGNATURE----- Version: 2.6.2i iQCVAwUBL6ix0t+oQ+cHei9/AQGt9QP6AnJzbuTFEXf2b49MUjSUft7glR7mgEjf VlOAZQIJ6hv9Djoo4TjyVRaQBrsNhll1eMeU55Fo8QsShaHttsi9fspRJzXHC2Fb ar9qAxJlovso+rO4gsbgVYi2RxvvfFEXO/5P0b3hiUhGSf+nR9m4jRQUJTBG8y0j XK83SdDZyig= =tCmM -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Ian Hebert Area: Public Key Encryption To: Jeffrey Bloss 5 May 95 20:37:10 Subject: Re: Send/rec PGP Msg's UpdReq -----BEGIN PGP SIGNED MESSAGE----- - -=> Quoting Jeffrey Bloss to Tom Almy <=- TA>> IH> newsgroup, like alt.anonymous messages, one can pick up or drop off TA>> IH> information from almost anywhere. Literally, there is no email TA>> IH> address to be traced. TA>> OK, so it *is* a way to foil traffic monitoring. You can neither tell who TA>> sending the message nor to whom it is being sent. Actually, what is descri JB> Just a nit, but PGP doesn't perform well under these circumstances to JB> begin with. :( Even "anonymous" encrypted messages will cause PGP to JB> display "This message can only be decrypted by...." errors. Pretty JB> much kills the "to whom" security unless you're prepared to generate JB> enough key pairs to boost the S/N ratio above the traffic analysis JB> threshold. JB> IH has a point, but not a practical one. ;) Hi Jeffrey! Of course the whole idea is to generate keypairs that don't reference a real-id; suppose you have a key such as: Type bits/keyID Date User ID pub 2048/34D8632F 1994/08/17 Xenu Key fingerprint = 38 1D 9C DC C8 B8 B3 ED CC 30 54 AD EC A6 12 61 sig 34D8632F Xenu You'd have to admit that this wouldn't tell the authorities too much about the real identity of the poster... :-) Basically, as you intimate, you would just have to generate a series of throwaway keypairs. As far as tracing mail through the remailers goes, I will admit that even Bruce Schnier thinks that they aren't sufficient to foil sophisticated eavesdroppers such as the NSA. But there's nothing to say that you can't make their job harder, eh? T.C. May once described chaining a message through 100+ remailer hops, just to see if it could be done. I remember he made a comment to the effect of, "I pity the NSA employee who's gotta unravel this one..." I seem to remember reading somewhere that the FBI were sufficiently alarmed over 'BlackNet' that they actually began an investigation into it.... However, you are right about it not being terribly practical; let's face it, there are probably less than 100,000-250,000 people worldwide who are really into using PGP. (This is just a guesstimate, given that there are only ~10,000 keys on the keyservers; I figure for every key posted on the servers, there are probably another 10-25 people using PGP who either haven't bothered to post their keys, or choose not to.) But practical or not, it still is interesting, n'est ce pas? Ian Hebert London, Ontario, Canada RIME: HOMEBASE (5508) Fido: 1:2401/114 Internet: ian.hebert@homebase.com PGP Key: 1024 / 077A2F7F 1993/02/11 PGP Key Fingerprint: A2 15 DE 22 DA FE D4 DC 0F 17 43 24 1F F2 1E 7B -----BEGIN PGP SIGNATURE----- Version: 2.6.i iQCVAgUBL6rFO9+oQ+cHei9/AQFzTwP5AclKEuFrpqJGGaoq9EMOsnKg0lxXVFA4 K6l9iedxxFwA7IW8aB+BirnigTjg5KivWWOVFIqSXHmIAPBTxaPbO7Rrggpfbu2J u98dl5ybyA2Wh6D4Yk8COQCRhubcQ77I797f56lXzDzgWvFKeHNUwEo18J8TrHOz bgBzYIXZ93M= =qNoC -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Ian Hebert Area: Public Key Encryption To: Jeffrey Bloss 5 May 95 20:40:10 Subject: Re: Send/rec PGP Msg's UpdReq -----BEGIN PGP SIGNED MESSAGE----- - -=> Quoting Jeffrey Bloss to Ian Hebert <=- IH>> Using a newsgroup for receipt of messages makes it virtually impossible IH>> to trace a sender or a recipient. You may have seen the recent post I JB> Would be true, except for the fact that PGP barfs "This message can JB> only be read by:" errors when you try to decrypt a message to someone JB> else. And the fact that even anonymous remaillers are traceable... only JB> hiding the origin of the message from very honest people. ;-) As I alluded to in my other reply, remailers are probably traceable, but only with one hell of a lot of work. You'd have to be up against an powerful adversary (such as a well-funded government agency) who is absolutely bound and determined to get you. JB> Boosting noise ratios to defeat traffic analysis is useful only when JB> traffic analysis can reveal something useful. Personal communications JB> that don't revolve around an event that the person(s) your trying to JB> hide the information from have at least SOME knowledge of, are pretty JB> much immune anyway. This is precisely what BlackNet and similar anonymous message exchanges involve. The idea is to exchange information between two people who don't know each other beforehand. In this particular case, there are no real-world links between the parties. Ian Hebert London, Ontario, Canada RIME: HOMEBASE (5508) Fido: 1:2401/114 Internet: ian.hebert@homebase.com PGP Key: 1024 / 077A2F7F 1993/02/11 PGP Key Fingerprint: A2 15 DE 22 DA FE D4 DC 0F 17 43 24 1F F2 1E 7B -----BEGIN PGP SIGNATURE----- Version: 2.6.i iQCVAgUBL6rF+N+oQ+cHei9/AQH5DwP/VvbI6yM9eQW3MnliEDj2OXBjHMgPpNoH pLKOPOqy0pISdrBebX07f/3CcWFBFbn8vtsutLjjq31yMZcH4w7Us7QgTulKfZ51 QMybnInqZdWmnzbLhL/N+x3aOlkuLyFI0I8IUNoNW02ikwms9Jdi1m4grqOPVbuC +CDvTU99nWc= =otKR -----END PGP SIGNATURE----- 201434369420143436942014343694201434369420143436942014343694718 From: Richard Dale Area: Public Key Encryption To: David Chessler 30 Apr 95 11:16:10 Subject: Re: encrypted messages UpdReq DC>*possession of copying machines, mimeographs, faxes, and even typewriters may be DC>*controlled, in the vast majority of all countries there are no restrictions on DC>*the use of PGP or other strong encryption. Which is exactly why I didn't say "most" countries. Twenty countries can be "many" countries. As you point out, even the most mundane equipment can get you into trouble. A few years ago it seems like not a week went by where a newspaper office didn't get bombed. I shudder to think what happened to private individuals who met in secrecy, used codes, or whatever. * 1st 2.00i #567 * Diplomacy is the art of letting other people have your way. 201434369420143436942014343694201434369420143436942014343694718 From: jason carr Area: Public Key Encryption To: Jeffrey Bloss 6 May 95 10:45:52 Subject: Re: Send/rec PGP Msg's UpdReq -----BEGIN PGP SIGNED MESSAGE----- -=> Quoting Jeffrey Bloss to Tom Almy <=- JB> Just a nit, but PGP doesn't perform well under these circumstances to JB> begin with. :( Even "anonymous" encrypted messages will cause PGP to JB> display "This message can only be decrypted by...." errors. Pretty JB> much kills the "to whom" security unless you're prepared to generate I think his idea was that you'd pick out those msgs that had a pre-arranged SUBJ: line. You wouldn't be trying to decode those posts that weren't to you, therefore not "only decrypted by" errors... -----BEGIN PGP SIGNATURE----- Version: 2.6.2 Comment: Fully-encrypted echos =work= iQCVAwUBL6t9KUjhGzlN9lCZAQEJtwP+LYVCS8cAFctqE3Jnqd15nGxlZNWjrPqw xlONxbZI1dEZufLAs8ea+iLmZFd/Y65toz64i3j9EyioIOQuwInAWX+LyS2+gufr vfqoihl+7YGt6DEyW7D+2RSXfJgZthq3wyPtZA3/N2yX8oTlAZF95QwXn0ZJ3Jac fbtFYv48iiU= =SuMM -----END PGP SIGNATURE----- jason ... BW-PGP.BAT / BlueWave 2.12 / PGP 2.6.2 201434369420143436942014343694201434369420143436942014343694718 From: Scott Mills Area: Public Key Encryption To: David Chessler 6 May 95 22:02:32 Subject: encrypted messages UpdReq Monday May 01 1995, David Chessler writes to Jeffrey Bloss: JB>> ... Why put Braille dots on the keypads of drive-up ATM's? DC> Ever use one by walking up to it? DC> Why have the expense of having a second keyboard for the drive-ins? The DC> sighted people don't object to Braille, and it makes things easier for DC> maintenance. All the drive-ins here have big signs saying that due to insurance reg's walk up business is not allowed. I also notice that ATM's have braille key's but no output that the blind can use. Of course we're drifting further and further off topic..... Scott NT: As stable as Ted Kennedy on a narrow wooden bridge. Scott Mills 1024/26CD5D03 For my PGP key freq PGPKEY sm@f119.n265.z1.fidonet.org --- 201434369420143436942014343694201434369420143436942014343694718 From: Scott Mills Area: Public Key Encryption To: Michael Babcock 6 May 95 22:06:20 Subject: Exon bill passes as a UpdReq Monday May 01 1995, Michael Babcock writes to TURIYAN GOLD: TG>> What areas dont allow clearsigning? MB> C_ECHO, C_PLUS_PLUS, 80XXX (assembly), ALL THE LOCAL ONES, CAN_CHAT, MB> a bunch of others that i've tried it on...as a matter of fact, i've been MB> told off by every moderator there is for using PGP to clearsign messages MB> except here... Go over th DR_DEBUG and try it. The co-mod freaks if you even post a PGP fingerprint. Scott Death & taxes are both certain, but death isn't annual. Scott Mills 1024/26CD5D03 For my PGP key freq PGPKEY sm@f119.n265.z1.fidonet.org --- 201434369420143436942014343694201434369420143436942014343694718 From: Alan Pugh Area: Public Key Encryption To: Doug Muth 2 May 95 18:11:26 Subject: Re: Public Keys UpdReq -----BEGIN PGP SIGNED MESSAGE----- MB> I don't know about the rest of you, but i've got a lot of messages MB> coming in over here that have signatures that I don't have the keys MB> for. Would it be possible for people to post their public key in the MB> public keys conference every now and then to make sure we all have MB> them? Thanx. DM> Well, that would make for alot of overhead. I've noticed that DM> alot of users have the keys availible by FREQ. Also, if you have DM> internet access, you can use the PGP key servers DM> (pgp-public-keys@pgp.mit.edu) and get many keys. do you happen to know how to get a help file from the server above? amp <0003701548@mcimail.com> May 2, 1995 19:9 -----BEGIN PGP SIGNATURE----- Version: 2.61 iQEVAwUBL6aRrCgP1O9KJoPBAQF+CQf6A9IqY8+RmLAo7IEsO+XEda8sgOZr15yy 6mgN5eJDs0oxtFAe/q4/wSX7gipAdiUKy9aRJdB01lH25V9eVzjXZlG/YMiiuUg/ 3LTTHW1ZVdjlqfeRtdFHf5aM4kPghPVPSf7YclgA7pyqcPh1vAB9P6sy13AqYifM bXemfncVhBYnZs9gyBEdTsr6KVvx/pMD1M5WBHw8b0FcqWVUMsrU+DjU5CLVXHT5 M9Av3A2Kl7UMwDqhi3f7J6ZYlxcjoJH5yoULI1yMJz10Eb2R6dC0IhuWwCdoV/sZ THnHcYMAmRO3fEWxGiIsNoHjzCBIOP0WRnC2MMKrfpJzozyw6e4sYQ== =wASa -----END PGP SIGNATURE----- ... Guns make good people better, and bad people worse. 201434369420143436942014343694201434369420143436942014343694718 From: Alan Pugh Area: Public Key Encryption To: Michael Babcock 2 May 95 18:18:54 Subject: Send/rec PGP Msg's UpdReq -----BEGIN PGP SIGNED MESSAGE----- MB> though :) If you want freedom for PGP, say so...and use it on the MB> Internet...! good advice. i almost never send internet mail 'in the clear'. it may not be important, but it is _private_. amp <0003701548@mcimail.com> May 2, 1995 19:17 -----BEGIN PGP SIGNATURE----- Version: 2.61 iQEVAwUBL6aTcSgP1O9KJoPBAQFDigf8CDP3UqiWz9ghZgWjCXUeNzwXlkEt9eg2 yoTmHG1O8q1MI5LDKX42N1NLtXp8JO1Q7vbaHfRgdqOL8JqFn0uER1U7upr2KSUH CREkSDyQ+mSgLS7TG39qctSMIO6t9rOSzlJAhujUiKbkGvXS/7A4G4M2zXt8XH5F Awx6EqBlfXBI4AU5+M2508akbIWLwOOYq6UebiAg/Rr6MNBewB5MfbqkYfy1Tde6 4vv8aGs0G15G9ArqGLxCZEP+Qen4bRo1eL9jSYL6REkbxGKy/4WZJXT20/KFkhej ZU2i++llR7MUxe10jasq9uEXJCLA3D21weFuMPlvnNuzI5Tm4gay6Q== =IxSP -----END PGP SIGNATURE----- ... Guns make good people better, and bad people worse. 201434369420143436942014343694201434369420143436942014343694718 From: Alan Pugh Area: Public Key Encryption To: Tom Almy 2 May 95 18:48:46 Subject: Send/rec PGP Msg's UpdReq -----BEGIN PGP SIGNED MESSAGE----- CF> I've never found an echo strictly for PGP msg's. TA> No reason for one. i would think that it would be an _excellent_ method of thwarting traffic analysis. i've considered the idea at some length, and don't think it is truely practical at this point because our offline readers do not yet have full pgp support implemented as a part of the fundamental design. i don't remember if i've posted on that here in this echo, but can flesh my idea here if you'd like to talk about it. jc> How so? Seems like it would be a great way for people to practice jc> proper comsec in a casual, low-threat setting. TA> Private, direct email would be better. Why post (for wide TA> distribution) a personal message? Only advantage is to thwart traffic TA> analysis, but I doubt most people using a PGP encryted message echo is TA> really thinking along those lines. private, direct email is quite appropriate in many if not most situations, but i, for one, would really appreciate the ability to send messages into an echo and know that there is no way for the government, or anyone else for that matter, to know who it was directed to. if we are really serious about privacy, such mechanisms will have to evolve as the only limitation is software. TA> Carefully, perhaps. Creatively, no. This is an area where trying to be TA> creative can cause problems -- most crytpographic ideas are put TA> forward for lengthy public scrutiny. huh? do you mean like pgp source code? ;) TA> I'd say those that are doing it wrong are treating it like a game. And TA> I've seen plenty of that. It takes a lot of work to follow all the TA> suggestions in the PGP manual. I bet that an overwhelming majority of TA> users: TA> 1. have the private keyring publicly accessible TA> 2. have a poor passphrase TA> 3. trust public keys on PGP_KEYS and on Internet keyservers TA> 4. sign keys where they aren't absolutely sure about the owner (meet TA> them personally and check IDs). hmmmm... guess i'm atypical. none of the 4 above apply to me. i would add one to your list. 5. user has no backup of keyring & emergency revokation certificate. TA> The large number of "unofficial", and incompatible, versions is also TA> not taking things seriously. i am absolutely in agreement with you on this one. i was getting rather annoyed with all the versions being released before things stabilized on 2.6.2. i still converse with a few folx who use 2.3a though from time to time. amp <0003701548@mcimail.com> May 2, 1995 19:46 -----BEGIN PGP SIGNATURE----- Version: 2.61 iQEVAwUBL6aaRigP1O9KJoPBAQGDYgf/YnZgcX97VWHwQbd8yNGb7DfhCndpHDi4 FsU3eN02ewXZ18Tl0K1LLsxdKnwvM+QF7hQ070vwpY3fP/30cTnaQBeHpxfKl6P/ 1Ef1Km1XqCWKWRr9qLQZx0OPAVUSHsaiZZeI93rTpT0+AX5N0tpVN8h9AjS09JI1 eR09oIvV9mXfMb6V6FcSdB4lFJ/c1KVutlUEecVH237O3ZTTrEzgL0S7ZU81v0aY JcS0WPR9lC9Xg0YcTd7EFHpG/0+voyysQv2Ca5SREXRSdqg8tpdXAYcvrLE7WhZ5 uwb2CsPkwVuybALk524qlJKpHJ9iISdeDjitKrKmPFD+3bWeLGFlfA== =9+u1 -----END PGP SIGNATURE----- ... And on the 8th day, God said, "OK, Murphy, you take over." 201434369420143436942014343694201434369420143436942014343694718 From: Alan Pugh Area: Public Key Encryption To: jason carr 2 May 95 19:26:44 Subject: Send/rec PGP Msg's UpdReq -----BEGIN PGP SIGNED MESSAGE----- jc> Yikes!! That's my second N quote in as many posts! better watch it the philosophical corps will be after you... 8) TA> to follow all the suggestions in the PGP manual. I bet that TA> an overwhelming majority of users: TA> 1. have the private keyring publicly accessible TA> 2. have a poor passphrase TA> 3. trust public keys on PGP_KEYS and on Internet keyservers TA> 4. sign keys where they aren't absolutely sure about the TA> owner (meet them personally and check IDs). jc> 90% of people are idiots, regardless of their use or non-use of PGP. jc> Their cars are also likely low on oil, and their kitchen knives are jc> dull. not necessarily idiocy. personally, i'm happy with people who take the initiative to use pgp. they are at least cognisant of the issues, though not necessarily fully fluent in all the issues involved. _i_ am quite serious about encryption as i see it as a boon to the future of our Republic. many people will never get all aspects of it down, but i think education on these issues can only increase as technology advances and encryption becomes more common. TA> The large number of "unofficial", and incompatible, versions TA> is also not taking things seriously. jc> I salute the people who sit up nights altering the sourcecode. jc> Unofficial versions resonate deeply of Phil's vision. 'tis true, but it breeds uncertainty. this is not necessary a good thing. it is inevitable though. i support this tweaking though my use of 2.61. i like its ability to make bigger than standard keys. once i increase my processor power a bit i'll be able to better match the strength of the rsa and idea keys. from what i understand, beyond 3k keys, idea becomes the weak link. (not exactly what i call weak, except in relative terms) i figure 3k keys will be the standard in a couple of years. amp <0003701548@mcimail.com> May 2, 1995 20:23 -----BEGIN PGP SIGNATURE----- Version: 2.61 iQEVAwUBL6ajTSgP1O9KJoPBAQEn5wf+LLDBneMuTKx8IPX+GQP9YBk0NSgckpuC ukjpk1D+3BS+dPHXOUCjNSFA11Mb4mt+qvIN4eeEUzBW9eCcd0zbKN5ehraJk8kg a8tu//MFEsMezFUP9hMRsztb+ucXyCA+qXxbxgMztDEoq5UZaWAWiYhj7pVGZyla YY0aespOsYYiLGwOAanu8+7ZD0nNY4VGr2ZeeqYOQAmq4ZYIszp3aL3kHIkRPl6h NBGsUaFswpRCcW3ZMt1MNthDmu+ChyvPvAi/w46rhjq9CkGRN+3LUzuqPMTVMlAL przdnm1uOgSdET5Icn/6hFACgrBXiOxJZjBUOQmF/By5t9c4CMvzgA== =klip -----END PGP SIGNATURE----- ... FBI: Fry, Burn, Incinerate 201434369420143436942014343694201434369420143436942014343694718