Impact of Netscape kernel hole (fwd)

Paul Bradley paul at fatmans.demon.co.uk
Wed Jun 18 10:33:02 PDT 1997





> All the perp has to do, once the secring.pgp is obtained is "pgp -kvv
> secring.pgp" and he now knows that Joe Cypherpunk and Secret Nym are the
> same person.

Another reason for keeping physical security over keys, nym keys, if it 
is important enough that the nym stays unidentifiable, should be kept on 
a different secring.pgp, which should be kept physically secure on a disk 
and encrypted using some other key than your own real-name secret key 
(this is just a measure to prevent breaking one key revealing the nym). 

        Datacomms Technologies data security
       Paul Bradley, Paul at fatmans.demon.co.uk
  Paul at crypto.uk.eu.org, Paul at cryptography.uk.eu.org    
       Http://www.cryptography.home.ml.org/
      Email for PGP public key, ID: FC76DA85
     "Don`t forget to mount a scratch monkey"







More information about the cypherpunks-legacy mailing list