-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 At 10:33 AM 9/25/97 -0700, Tim May wrote:
Once the NETCenter failed to decypt the first several dozen instances of PGP or 3DES thrust before it, I rather expect enthusiasm will wane.
But it doesn't have to decrypt it. It has to tell the cops: "OK, you need to send a guy in there when he's not home and look for a file called 'mykey.gkr' on his computer...it will probably be in c:\pgp. Then you need to plant a video camera to watch him type his passphrase. Then we can read his mail, no sweat." I don't know why I keep making this point, but the weak point in crypto is NOT the length of the key, it's the human factor. Go after the HUMAN USING THE CRYPTO via traditional spy/police methods, and smeg the key length. But to do that, you see, you'll need warrents, reasons for suspiscion, and, becuase of the effort involved, you'll only do it for serious crimes with a strong liklihood of conviction. *That* is the 'stauts quo' law enforcement *claims* to want. -----BEGIN PGP SIGNATURE----- Version: PGP for Personal Privacy 5.0 Charset: noconv iQA/AwUBNCqmtTKf8mIpTvjWEQKP2QCg23fm4sNAs0Uj9d2DZT/60ZRWgeIAoI37 /RgFkiiCHHo10o2/8yiBTj+i =af7a -----END PGP SIGNATURE-----