PGP help and comments.
Jonathan Stigelman
stig at transam.ece.cmu.edu
Mon Apr 5 19:42:37 PDT 1993
In message <9304040758.AA07164 at tigger.cc.utexas.edu> you write:
>
>This is even more dangerous than storing it on the disks of a multi-user
>machine. Unless you are running in a kerberos environment it is trivial to
>snoop your upload off the network, and even without that weakness you are
>exposing yourself to the same problem that the docs mention (it is really
>pretty easy to scan someone's terminal input) only you are giving them the
>key outright instead of only giving them the passphrase to your key.
>
Yeah.... So if your key can be snooped off the net, so can your
cleartext. To decript online, then, is akin to using only weak
encription...which indicates only the desire for limited privacy.
But if even if you do decript online, you're still protected from
file snooping.
What's needed is PGP decription built into your terminal program.
stig
More information about the cypherpunks-legacy
mailing list