PGP use

Rick Busdiecker rfb at lehman.com
Wed Aug 24 16:58:40 PDT 1994


    From: "Timothy C. May" <tcmay at netcom.com>
    Date: Wed, 24 Aug 1994 01:37:39 -0700 (PDT)
    
    What is being missed here is the issue of where the PGP operations are
    being done. If done on a machine outside the direct control of the
    user, obvious security holes exist.

I don't suppose that you'd care to describe a situation with
absolutely no security holes, would you?

If not, can we conclude that any attempt to do anything related to
security is, in your opinion, silly?

What's wrong with the following approach:
 - Try to control what you can control.
 - Try to recognize what you cannot control.
 - Try to reduce the second set in favor of the first.

Using PGP on Unix systems where you are not root *does* have a place
in this framework.

			Rick






More information about the cypherpunks-legacy mailing list