First, as a newcomer, and introduction. My name is Loyd Blankenship. I am the Product Development Manager at Steve Jackson Games, and was the employee raided by the Secret Service that set off the formation of the EFF, our lawsuit against them, and much angst within the government. I also use the nome de' plume "The Mentor" when traversing the computer underground. On to stuff relevant to the list: A group of us here in Austin have spent a great deal of time discussing the advantages of RSA-encrypted e-mail. I'm putting a BBS back up later in the year, and would like to offer secure communications to my users. Since the threat of seizure is very real (the feds still have over $10,000 (1989 street price) of computer equipment of mine since I'm "still under investigation"), this needs to be implemented before the message is ever written to hard disk. To implement this, I'm currently trying to get PGP up on my Amiga, then write the necessary C & AREXX functions to link it in with my BBS's (DLG Pro) email function. The outgrowth of this was the Keystone project. We're going to attempt to get everyone in Austin cyberspace public-key capable, and get a master keyring that will be regularly distributed via a trusted system to other nodes in town. Ideally, you would be able to send RSA-encrypted email from any bbs on any of the local nets to any other bbs -- even if all you know is the destination address. We're going to do this by attempting to make the bbs PGP-friendly. All the user has to do is generate a key pair. The two potential weak links in this chain are line security and key validation. The first is almost insurmountable -- unless the user takes the time to d/l a complete copy of PGP and the Austin Keystone Keyring and encrypt the mail on their home system. But if not, then they have to live with the chance that someone is data-tapping. The second will rely on face-to-face identification -- this is why we're making this a local effort. It will probably be Christmas (when I have a 3-week vacation) before serious strides are made in this, but I'm interested in any comments people may have. Loyd p.s. What is this "game" you are talking about? *************************************************************************** * loydb@fnordbox.UUCP Once you pull the pin, * Loyd Blankenship * * GEnie: SJGAMES Mr. Grenade is no longer * PO Box 18957 * * Compu$erve: [73407,515] your friend! * Austin, TX 78760 * * cs.utexas.edu!dogface!fnordbox!loydb * 512/447-7866 * ***************************************************************************
First, let me congratulate Loyd and the others involved with Keystone for working towards the creation of a local distribution mechanism for keys. Every city in the U.S. needs something like this. If it's not happening in your area, start it. Start by getting PGP and making your own key. Then exchange keys with people you know. We have members of the list in many parts of the U.S., Canada, and Europe. There's plenty of work to do. Look around. If no one else is doing this, you should.
Ideally, you would be able to send RSA-encrypted email from any bbs on any of the local nets to any other bbs -- even if all you know is the destination address. We're going to do this by attempting to make the bbs PGP-friendly. All the user has to do is generate a key pair.
There are, roughly speaking, two kinds of privacy; one is provided, and one is defended. Provided privacy is unstable, since the person using the privacy does not create it. Defended privacy is stable, because those who want privacy create it themselves to the level at which they want it. Both systems do provide privacy, no mistake. I would be hesitant to implement a system that _only_ required a user to generate a key pair. This, for the users, is too much provided privacy. It will not teach the users how privacy really works, nor will it give them any good idea how their privacy is being maintained. Defended privacy does not need to be difficult. I would spend effort, instead of modifying BBS software, to make it easier for users to handle encrypted email with their own terminal programs. Now, any privacy is better than none. I don't really know if it is easier to modify your BBS or your modem program. But all other things being equal, make it easier for users to maintain their own privacy.
[...] a master keyring that will be regularly distributed via a trusted system to other nodes in town.
Again, trusted systems can turn into provided privacy. If there is a distributed solution you can think up, use it.
The first [weak link, line security] is almost insurmountable -- unless the user takes the time to d/l a complete copy of PGP and the Austin Keystone Keyring and encrypt the mail on their home system.
This should not be such an onerous task. It might be now, but that can change. Finding ways for users to manage keys, to get keys, and to look up keys are all interesting and useful problems to solve. Every user should encrypt outgoing mail on the home system before it leaves and decrypt incoming mail on the home system after it arrives. If this is not easy, it should be made easy. Not every user need have the complete directory on their own system. They merely need a way to communicate with those that they want to. This probably means a directory service, where people can download keys for the people they want to communicate with. Moving around a complete directory does not scale well. As far as BBS support, if I want to respond to someone and I don't have the corresponding key, I should be able to initiate a zmodem transfer of that key relatively easily, for instance without leaving the discussion area to go to a download area. Eric
participants (2)
-
Eric Hughes -
fnordbox!loydb@cs.utexas.edu