1 Jun
1993
1 Jun
'93
3:41 p.m.
This means that the pass phrase [for the remailer secret key] has to exist, in the clear, in the scripts which implement the remailer.
Currently that is the easiest way, to be sure. Another way would be to store the passphrase encrypted in a file so that at least it's not findable with strings(1). Here a quick hack for someone who's looking for a project: a passphrase storage process which accepts requests from a slightly modified PGP. Hal's basic point, however is not mitigated. Nothing is secure from a clever root.
Perhaps Karl could add a notation in his remailer lists about which machines are public and which are private.
An excellent suggestion. Eric