Eric Hughes wrote:
Paranoia is cryptography's occupational hazard.
Yes, that is indeed the nature of it since many of the protocols are designed to work admist mutually distrusting parties. A degree of suspicion/ paranoia is necessary - for example, digital cash. Another example, a non-suspicious person may be tricked into digitally signing anything (by getting them to sign a blinded document).
the possibility of technical error, and it begins to close off examination of technicalities not fully understood.
I understand this: I was allocated an anonymous id which I didn't intend to request. So maybe it was a technical error, maybe it was somebody trying to figure out my id... in either case the resulting id is useless Presumably, the person subscribing to the list received my message, with the From: field altered to the anonymous id. Since the message contained by name and email address, I don't care if the id was assigned by mistake.
There must be confidence that the way by which this security becomes to be believed is robust and immune to delusion.
Precisely: I beleive my assigned anonymous id to be worthless. I think I follow most of what you are saying; all the same, in this case, technical error or not, malicious person or not, the paranoia is justified. And beleive me, I haven't invested much time into figuring this out. -- Karl L. Barrus: klbarrus@owlnet.rice.edu keyID: 5AD633 hash: D1 59 9D 48 72 E9 19 D5 3D F3 93 7E 81 B5 CC 32 "One man's mnemonic is another man's cryptography" - my compilers prof discussing file naming in public directories