I agree that under-the-hood encryption is becoming more and more prevalent, and that it generally improves security. Also, the widespread use of encryption technology helps protect cryptorights in general as important to the public good. The fundamental problem with "under-the-hood" is that the user is not required to have any understanding of the process. Furthermore encryption technology is often also authentication technology. This includes transparently sending S/MIME documents (encrypted and/or signed) as a default without requiring additional user intervention. In many places this results in legally binding documents. Furthermore, anyone with access to a system can send legally binding e-mail documents on the user's behalf. Both legally-binding and authentication technology should not be completely transparent. Even "EULA's" require user-intervention. Digitally signed messages should require user-intervention. --- Lucky Green <shamrock@cypherpunks.to> wrote: ...
I indeed consider passive encryption methods alone to be typically insufficient for some of my personal security needs
and am continuing to utilize encryption that requires me as the user to make that trust decision. But that does not mean that no security benefits are to be had from opportunistic encryption of Internet traffic. ... How does the increased use of strong crypto under-the-hood help Cypherpunks? The answer reminds me of the response another Cypherpunk gave to my posting statistics about the nature of the USENET traffic seen by a major node. I expressed surprise at these rather revealing statistics, musing that there had to be a lesson to be learned from the fact that the bulk of the data is generated in newsgroups that one would not initially consider mainstream. His response was illuminating: "Yes, the lesson is: just look at all that cover traffic".
--Lucky
===== end Yahoo! - Official partner of 2002 FIFA World Cup http://fifaworldcup.yahoo.com