No Subject
Eric Hughes
hughes at soda.berkeley.edu
Tue Jun 1 08:41:02 PDT 1993
>This means that the pass phrase [for the remailer secret key] has to
>exist, in the clear, in the scripts which implement the remailer.
Currently that is the easiest way, to be sure. Another way would be
to store the passphrase encrypted in a file so that at least it's not
findable with strings(1). Here a quick hack for someone who's looking
for a project: a passphrase storage process which accepts requests
from a slightly modified PGP.
Hal's basic point, however is not mitigated. Nothing is secure from a
clever root.
>Perhaps Karl could add a notation in his
>remailer lists about which machines are public and which are private.
An excellent suggestion.
Eric
More information about the cypherpunks-legacy
mailing list