your mail

[Stephen Williams]

> 
> An interesting idea, although highly unpracticable.  Sending a binary
> is nearly impossible.  As an example, I have at my disposal (and I log
> into regularly) at least 6 different platforms.  All Unix, but each
> one would require its own binary!

Although I'm still uncomfortable about the non-crypto user key, there is
a simple solution to the problem of executable/data transmission:

Send it as Perl, Postscript, Tcl, whatever.

Perl should be able to handle an encode (7 bit) data stream with a
program prepended.  The algorithm would be more obvious, but
technically no more secure if you disallow security-through-obscurity.

Perl is available almost everywhere, is reasonably fast, has a
comprehensive capability list, etc.

> This doesn't mean that your idea has no merit.  On the other hand, it
> is an interesting key distribution model.  Except there are a number
> of problems that I can see.  First, anything you know about the person
> is something that someone else could probably do a little research and
> find out as well.  This inherently means it is not a very secure
> channel, rather it is only moderately secure.

This is what I think is rough.

> Also, there is no way to meet your goal of "no external binary
> needed."  There may be a few things you can do in lieu of this, but
> all of them require some knowledge of the recipient hardware system.
> But in a case such as mine, even that wouldn't help (do you send it
> for an RT, Vax, Decmips, RS6000, Alpha, Linux, Sun386i, Next, ...?)

Perl...

> Like I said, its an interesting key distribution model, but I do not
> see any way to realize it under your assumptions.
> 
> -derek


sdw
-- 
Stephen D. Williams  Local Internet Gateway Co.; SDW Systems 513 496-5223APager
LIG dev./sales       Internet: sdw at lig.net sdw at meaddata.com
OO R&D Source Dist.  By Horse: 2464 Rosina Dr., Miamisburg, OH 45342-6430
Comm. Consulting     ICBM: 39 34N 85 15W I love it when a plan comes together