What email encryption is actually in use?
David Howe
DaveHowe at gmx.co.uk
Tue Oct 1 01:57:54 PDT 2002
at Monday, September 30, 2002 7:52 PM, James A. Donald
<jamesd at echeque.com> was seen to say:
> Is it practical for a particular group, for
> example a corporation or a conspiracy, to whip up its own
> damned root certificate, without buggering around with
> verisign? (Of course fixing Microsoft's design errors is
> never useful, since they will rebreak their products in new
> ways that are more ingenious and harder to fix.)
Yup. In fact, some IPSec firewalls rely on the corporate having a local
CA root to issue keys for VPN access. from there it is only a small step
to using the same (or parallel issued) keys for email security.
The problem there really is that the keys will be flagged as faulty by
anyone outside the group (and therefore without the root key already
imported), and that will usually only work in a semi-rigid hierachical
structure. There *is* an attempt to set up something resembling a Web of
trust using x509 certificiates, currently in the early stages at
nntp://news.securecomp.org/WebOfTrust
> I intended to sign this using Network Associates command line
> pgp, only to discover that pgp -sa file produced unintellible
> gibberish, that could only be made sense of by pgp, so that no
> one would be able to read it without first checking my
> signature.
you made a minor config error - you need to make sure clearsign is
enabled.
> I suggest that network associates should have hired me as UI
> design manager, or failing, that, hired the dog from down the
> street as UI design manager.
It's command line. Most cyphergeeks like command line tools powerful and
cryptic :)
More information about the cypherpunks-legacy
mailing list