[lost attributions, sorry] So did I! ;^)

...

...

I could do an ascii upload of my secret key and never expose my key to disk-storage. This is even more dangerous than storing it on the disks of a multi-user machine. Unless you are running in a kerberos environment it is trivial to snoop your upload off the network... I don't find the risk of a real-time snoop to be as bad as the risk of a future snoop finding my private key alongside encrypted files that have been stored forever (backups).

I am the writer of the original post, and I quite agree with the responce that said that this was a bad idea. The whole point in being secure, is being as secure as possible.

To mitigate either problem, how about having two layers of encryption: a private key to decrypt files for reading on a public machine, and a second public/private pair to reencrypt the files for storage and transmission to the home machine. The public machine knows the first private key (if snooped) and the second public key; only the home machine knows the second private key. Snooping the first private

You still have to store a secret key somewhere. And to do that, you must trust your system administrater.....

key compromises only unread and future messages until the key is changed. Messages archived in the reencrypted state are secure, but messages archived in the unread state with the first private key are still compromised forever. Is backing up mail directories a common practice? Are there (probably system-dependent) ways to avoid backups, such as anticipating or detecting when backups are about to occur, hidden directories, file permissions, etc?

Also, this system introduces some user hostility, in that reencrypted files cannot be read again until moved to the home machine.

It was suggested that I keep my public keyring on the mainframe and use it to read mail. When I want to send mail, I encrypt it at home and upload it into my mailer. This is what I do now. I forgot who you were, but you gave me a good idea. Thanx.

Another idea is to implement the relevant features of Kerberos in a high-level client/server package that can be used to secure personal network communications of this kind. The package could be distributed with PGP.

What are these features? I don't know what kerberos is. +----------------------+----------------------------------------------------+ | J. Michael Diehl ;-) | I thought I was wrong once. But, I was mistaken. | | +----------------------------------------------------+ | mdiehl@triton.unm.edu| "I'm just looking for the opportunity to be | | Thunder@forum | Politically Incorrect! | | (505) 299-2282 | <me> | +----------------------+----------------------------------------------------+