17 Dec
2003
17 Dec
'03
11:17 p.m.
From: rarachel@prism.poly.edu (Arsen Ray Arachelian) I agree with Tim on this. There's no way I'm going to leave PGP on poly's machines with the key right there for anyone who manages to hack into photon or prism (and yes, it has happened) to set up a fake pgp asking for the passphrase to my key. Your key, singular? Keys are cheap! Everyone should have a bundle. In addition, since I'm not planning on verifying the signatures at the server, you are free to fake them. Of course, if you fake them, you'll have to set up just about the same amount of software as if you used real crypto. Since so much of deployment delay comes from bad architecture, I consider setting up to fake a good thing. Eric