-- At 06:56 PM 12/31/2000 -0500, David Honig wrote:
I don't see why a secure text-chat program would be any different than PGPfone (using DH, not RSA). Maybe easier i/o, tougher authentication since PGPfone uses human voice recog in part.
The method used by PGP phone against a man in the middle attack is impossible for text programs, though fairly easy for voice and video. A chat program needs a server, or interacting network of servers to advertise presence. This server could also act as a public key server, invisibly to user, guaranteeing stability of identity -- that this presence was the same entity as had been logged on under the same name in previous sessions. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG UGQ/+6M1hWVD5Z4S7TaT01Hg7/uSMrGS449xduq7 4+IVFOt/Gxo+29WnJDRqzcj9CMd7J+MOSEhY09Au5