From: SINCLAIR  DOUGLAS N <sinclai@ecf.toronto.edu>
Date: Fri, 13 May 94 14:19:35 PDT
To: dichro@tartarus.uwa.edu.au (Mikolaj Habryn)
Subject: Re: Message Havens
In-Reply-To: <199405131858.CAA05191@lethe.uwa.edu.au>
Message-ID: <94May13.171923edt.13595@cannon.ecf.toronto.edu>
MIME-Version: 1.0
Content-Type: text/plain


> 	Seems to me that you should also have all of the messages to you 
> collated into one block, have some random length padding added, and then 
> encrypt the whole thing and send it back to you. If you have this all 
> done automatically by the server at the haven, then you may not even need 
> to call all of those random other messages down. That is, assuming you 
> trust the sysadmin of that haven, which is probably not the best of ideas.
The only problem I see here is that it requires the message haven
know your public key.  All sorts of man-in-the-middle attacks become
possible here.  I don't know that I'd trust a machine to do an intellegent
web-of-trust; it can't actually meet people at a conference and swap cards.