Kent Crispin wrote:
On Sat, Oct 18, 1997 at 08:48:56AM +0100, Adam Back wrote:
My reasoning is this: as PGP Inc can not justify expense on such developments, my CDR proposal would be much safer for them to implement because it requires no steganography support, or other privacy patches to provide protection against abuse of the software for uses other than PGP Inc's designers intentions.
You keep talking as if your CDR proposal is other than vaporware. So far as I have seen you don't have a proposal, you have a wish.
Given Adam's many accomplishments in the arena of CypherPunks issues, I find it hard to make a case for his discussion in this area to be mere mental masturbation. 'Democracy in America' is also vaporware--always has been, always will be--but I see no reason we should not go on discussing it and hoping that we will not having to keep pushing the release date of the finished product back, time and time again.
[...]
You are in error. The only time that you are forced to use CMR is when (1) you share the CMRK with the other party AND (2) the strict flag is set. In all other cases, you can opt-out, on a message-by-message basis.
Adam, it is a complete and utter waste of time to debate this.
I agree. I think that we should just wait until someone comes out with an actual product, and then castigate them for their ideas being "ill-thought out."
What would *not* be a waste of time would be more concrete proposals. Whether PGP implements something is a separate question -- I would like to get back to the question of designing a better email encryption system.
Your reencryption scheme fails because of the management of the short term encryption keys, among other things. Here's another approach I will toss out, without thinking through:
How about formalizing superencryption, or tunneling? That is, treat CMR traffic as a transport medium for messages that are themselves already encrypted. The "key" idea here is to allow layering of non CMR traffic over CMR traffic. All the code for both is obviously already in PGP, with a little glue and perhaps some minor protocol mods...
In return for your positive suggestions, the CDR Board of Dirctors has voted to allow you two posts containg cheap shots at the list member of your choice, without including any points of redeeming, on-topic, list value. Toto ~~~~ "The Xenix Chainsaw Massacre" http://bureau42.base.org/public/xenix "WebWorld & the Mythical Circle of Eunuchs" http://bureau42.base.org/public/webworld "InfoWar" http://bureau42.base.org/public/infowar3 "The Final Frontier" http://www3.sk.sympatico.ca/carljohn