Mac PGP effort: After talking with Phil Zimmerman, we decided to break the MacPGP effort into two teams. A short term team as it currently stands now, with the origional members, and a long term team to change PGP into a set of C Libraries that can be used with ANY platform or API. The short term team consists of its current members who are doing current work on the Mac implementation. Next week, perhaps on Wednesday Evening at 7 pm, we will be setting up a conference call to talk about all of the details, and introduce each other. My role in this currently will be that of Email coordinator between the Mac PGP effort and the other platforms. It is obviously clear that there is still a lot of mis-trust that people have in me. I guess it's still very hard to ditch that "Once a criminal- always a criminal" attitude. Phil Karn says:
John Draper was proposing to manufacture rs232 random number generators -- would you buy a used random number from this man?
This is EXACTLY my point. So I WILL be publishing the schematic and I expect the Rander box will be put through it's paces. I have simplified the circuit immensly, and even eliminated the AD converter, but not sure the design works, but want to run the design by a few other HW types before I "breadboard" it. I think I got it down to 3 chips including the UART. Two CMOS chips, a Latch and a gate I'm using as a comparitor, and the UART plus a noise source. Gack!! All these years I try and ELIMINATE noise, and now I am LOOKING for noise. By biasing one of the gates, into the linear mode, it doubles as the amplifier for the noise source. I've gone eligantly simple with the design, I just hope it works. Perhaps this circuit can be integrated into Yanek's Dongle. Phil K. writes:
My thinking is to limit the external "dongle" to the one function that is truly sensitive and worthy of special protection: RSA secret key operations.
Eric Hughes replies:
Phil's comment are right on. There is a need for you secret keys to be easily and physically relocatable.
The Obvious, cheapest, but perhaps not the best way, is to keep your key on a floppie. More later ....