CDR: Re: Lions and Tigers and Backdoors, oh, my...

Tim May tcmay at got.net
Wed Sep 27 15:48:09 PDT 2000


At 6:24 PM -0400 9/27/00, brflgnk at cotse.com wrote:
>Ray said:
>-- begin quote --
>I do not buy the story that what happened to PGP
>was an accident; on the contrary, it was just NAI doing what they
>had to do to get approval to put it up for international downloads,
>the same as Lotus just did what it had to do.
>-- end quote --
>
>I have to agree.  The very existence of unhashed packets in the key structure is
>insecure.  Given that unhashed packets were a design decision for V4 keys, and
>given that the PGP/NAI guys are arguably not bone-stupid, some coercion must
>have been brought to bear.
>
>BTW, Wells Fargo is happy with Netscape 4.08, but not 4.07.  I had wondered why
>a 4.08 release was built so long after 4.5x was available.  I guess now I know.

I can't speak to the truth or falsity or plausibility of some of the 
claims here, but there is a general point: modularization.

There is no real reason for crypto to be built into complex products, 
at least not when those products are well-suited for handling text 
(and even files).

If speech is in the form of ASCII (or even MIME) text, then 
end-to-end crypto can be done using fairly basic (and hence more 
easily verified, audited, and tested by time) modules which are NOT 
PART OF THE MORE COMPLEX PRODUCT.

To wit, who really cares whether Netscape 4.08 or 4.07 has crypto 
built in so long as a robust, non-trapdoored crypto program is 
available?

We lose a lot of the advantages of orthogonality (independent 
programs, modules) when we seek "all in one" solutions. And we make 
the job of the NSA and SDECE and GCHQ spooks a lot easier when we 
adopt all-in-one solutions.


--Tim May
-- 
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
ComSec 3DES:   831-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
"Cyphernomicon"             | black markets, collapse of governments.





