Running PGP on Netcom (and Similar)
Alex de Joode
usura at xs4all.nl
Mon Sep 12 03:58:11 PDT 1994
Timothy C. May (tcmay at netcom.com) did write:
: Not that had Mr. De Payne been using PGP on Netcom, with his secret
: key stored there, the cops would have it. (The passphrase maybe not,
: depending on whether he stored _that_ there, too. And whether Netcom
: had logs of keystrokes entered, which strikes me as something they
: would probably have--we really need a "zero knowledge" kind of
: "reach-back" for remotely-run PGP.)
Would a "challange response" type of verification do the "trick", ie
is it secure enough for passphrase monitering ?
: I just don't think the dangers are worth it. All the theoretical hot
: air about whether kestroke timings are "random enough" is moot if
: Netcom is turning over records to investigators.
: --Tim May
--
____ Alex de Joode <usura at xs4all.nl>
\ /__ =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
\/ / "It's dangerous to be right when the government is wrong."
\/ --Voltaire --finger usura at xs4all.nl for PGPpublicKEY--
More information about the cypherpunks-legacy
mailing list