fergp@sytex.com (Paul Ferguson) writes:
On Mon, 05 Apr 93 12:36:09 PST, Jonathan Stigelman <uunet!transam.ece.cmu.edu!stig> writes -
JS> [pgp on multi-user systesm stuff]
I think that you guys are missing the point here. IMHO, if you wish maximum assurance of security, than I'd suggest not trying to run programs such as PGP on a multi-user system to begin with! What's wrong with using a PC for this? It offfers a maximum convenience, single-user secure system quite unlike the security problems associated with your university's mainframe.
Some people either do not have the option, or need the convenience of a multi-user system. My PC is sitting at home with a toasted modem (waiting for a Paradyne to arrive... :) and even when it is running fine I spend 8-12 hours a day working on multi-user systems with connectivity that is light-years beyond what my PC has. If I want to send out am email message and do not want to spend an hour walking home, encrypting it, walking back, and then transferring the file and sending it I will use my copy of PGP on a multi-user machine. I have a different key that I use (my key on a server) for this type of communication and accept and understand the consequences of using PGP in this manner. As long as the user knows the weaknesses of the system they are using they should make thier own choices regarding how to use PGP. You may consider your PC at home to be completely safe and secure, but unless you recognize the weaknesses of that particular setup you are not reaching the "maximum assurance of security" that you claim. jim