-- At 06:56 PM 12/31/2000 -0500, David Honig wrote:
I don't see why a secure text-chat program would be any different than PGPfone (using DH, not RSA). Maybe easier i/o, tougher authentication since PGPfone uses human voice recog in part.
The method used by PGP phone against a man in the middle attack is impossible for text programs, though fairly easy for voice and video. A chat program needs a server, or interacting network of servers to advertise presence. This server could also act as a public key server, invisibly to user, guaranteeing stability of identity -- that this presence was the same entity as had been logged on under the same name in previous sessions. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG KjuvIUyDc+HD6sFxZIgkCD4ro8q+9eiwudhA21wi 4kP3H+TQ6kIQ63kRHWvJaRJTrlfIfR1SVqjt5Wkdp ------ We have the right to defend ourselves and our property, because of the kind of animals that we are. True law derives from this right, not from the arbitrary power of the omnipotent state. http://www.jim.com/jamesd/ James A. Donald