-----BEGIN PGP SIGNED MESSAGE----- Michael McMahon <uunet!mcimail.com!0005857625> writes: [Talks about real-time end-to-end encryption of user sessions on BBS's.] It's not quite as sexy and "James Bond" as real-time end-to-end encryption, but I think an easier approach to this would be to adopt the architecture of the offline mail-reading programs that are available. For the benefit of people unaccustomed to offline readers, these programs collect up all of the unread messages, E-mails, and file descriptions from a BBS, .ZIPs or otherwise packs/compresses the files, and then the user downloads that "packet", and hangs up. The user then uses a program on her local PC to read and reply to messages in that packet, dials the BBS again, and uploads her responses. I haven't fussed around with offline readers much, but I'll bet it'd be pretty simple to add a step to the collection/.ZIP process, which would encrypt the whole package with some prearranged key. This would allow folks to use standard BBS programs, standard terminal programs, and perhaps even standard offline readers. It should be pretty simple from a programming standpoint, as well; it's perhaps implementable with only batch commands. Yes, the "bad guys" will get to watch the user log on and log off, and can read the menus and choices - but so what? It's possible (easy, really) to encrypt all of the really interesting stuff. - -- Greg Broiles greg@goldenbear.com Golden Bear Consulting +1 503 465 0325 Box 12005 Eugene OR 97440 BBS: +1 503 687 7764 -----BEGIN PGP SIGNATURE----- Version: 2.2 iQCVAgUBK8R3jH3YhjZY3fMNAQHDagP6AkE+8WrEtSOVNfBDiL6UYplI+TAihl66 IffYPilZ+b9Nxq2VHBF8aUYnX7duLRaivILQ7CPIRsNnKRq3DF5bljcvLY9B9VNn 3SSFSGJFQFYvakElcZPbCGhFbsLdmF8QNN97Z8Cdbx4fGYmj83brNidhHYNeXhpo 5Nk2+5W80mE= =Yxdd -----END PGP SIGNATURE-----