From: Alex Strasheim <alex@omaha.com> I know, but I'm a little squeamish about leaving my keys unprotected. Then make up separate insecure keys for transmission to the host. Add an attribution which says to disbelieve any signature made with this key. Also, I'm not very fond of the idea that encrypted email would be decrypted when it got here and left in plaintext on the mail spool. Some protection is better than no protection. Protection in transit is still protection, even if it is not universal. Otherwise it wouldn't be practical to use this setup in an office or school environment, because anyone could boot your machine with a floppy and steal your key. That's a different threat than interception of mail, remember. A partial solution is better than none. One of PGP's many problems is that it's policies for key use are quite restricted. There's no way, for example, to make a receive-only key. Eric rom owner-cypherpunks Tue Nov 29 23:24:34 1994 Return-Path: <owner-cypherpunks> Received: by toad.com id AA18942; Tue, 29 Nov 94 23:24:34 PST Received: from netcom13.netcom.com by toad.com id AA18930; Tue, 29 Nov 94 23:24:28 PST Received: by netcom13.netcom.com (8.6.9/Netcom) id XAA12077; Tue, 29 Nov 1994 23:23:12 -0800 From: tcmay@netcom.com (Timothy C. May) Message-Id: <199411300723.XAA12077@netcom13.netcom.com> Subject: Re: "You aren't following the _rules_!" To: jrochkin@cs.oberlin.edu (Jonathan Rochkind) Date: Tue, 29 Nov 1994 23:23:12 -0800 (PST) Cc: cypherpunks@toad.com In-Reply-To: <ab0128ce01021004740d@[132.162.201.201]> from "Jonathan Rochkind" at Nov 29, 94 01:56:30 pm X-Mailer: ELM [version 2.4 PL23] Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Content-Length: 1991 Sender: owner-cypherpunks@toad.com Precedence: bulk (My list mail f0or today is now arriving in huge batches, courtesy of Netcom's mail machine finally becoming unclogged...) Jonathan Rochkind wrote:
Which was admitteedlyu your main point; until there is a _need_ for crypto, it's not going to be used. Because premail makes it incredibly easy to use PGP on a unix box. And, for that matter, the Eudora/PGP applescritps make it incredibly easy to use PGP on a mac. And there are some people working on an applescript that will
Not if you read mail on-line, while also reading News.
automate using remailers on a mac too. But ease of use appearantly isn't enough; no matter how easy it gets to use, it's still going to have some cost to the user over not using it. Even if the cost is only having to wait the 1.5 seconds it takes your machine to decrypt/encrypt a message. Unless there's a use for it, people won't be willing to spend that 1.5 seconds per message.
I strongly doubt that _anyone_ is not using crypto because of something so trivial as a .5 or 1.5 or even 4.5 second delay. No, the issues are that handling encryped messages is, for too many of us, _much_ more than a 1.5 seconds per message delay. Several of us have outlined the steps. Are we just lazy? No, in some cases we're at home, pretty much relegated to dial-ups like Netcom. In other cases, on VAXes, or terminals, or AVIIONs. Whatever. Again, described repeatedly. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. Cypherpunks list: majordomo@toad.com with body message of only: subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tcmay