1994-08-24 - Re: PGP use

Header Data

From: Rick Busdiecker <rfb@lehman.com>
To: “Timothy C. May” <tcmay@netcom.com>
Message Hash: 04214c5e509d8d7e721ee20a4f144c0b533c9733359d31035af22a5b7a236353
Message ID: <9408242350.AA12962@fnord.lehman.com>
Reply To: <199408240837.BAA25937@netcom14.netcom.com>
UTC Datetime: 1994-08-24 23:58:40 UTC
Raw Date: Wed, 24 Aug 94 16:58:40 PDT

Raw message

From: Rick Busdiecker <rfb@lehman.com>
Date: Wed, 24 Aug 94 16:58:40 PDT
To: "Timothy C. May" <tcmay@netcom.com>
Subject: Re: PGP use
In-Reply-To: <199408240837.BAA25937@netcom14.netcom.com>
Message-ID: <9408242350.AA12962@fnord.lehman.com>
MIME-Version: 1.0
Content-Type: text/plain


    From: "Timothy C. May" <tcmay@netcom.com>
    Date: Wed, 24 Aug 1994 01:37:39 -0700 (PDT)
    
    What is being missed here is the issue of where the PGP operations are
    being done. If done on a machine outside the direct control of the
    user, obvious security holes exist.

I don't suppose that you'd care to describe a situation with
absolutely no security holes, would you?

If not, can we conclude that any attempt to do anything related to
security is, in your opinion, silly?

What's wrong with the following approach:
 - Try to control what you can control.
 - Try to recognize what you cannot control.
 - Try to reduce the second set in favor of the first.

Using PGP on Unix systems where you are not root *does* have a place
in this framework.

			Rick

Thread

• Return to August 1994

• Return to “alex <cp@omaha.com>”
• Return to “cactus@bb.com (L. Todd Masco)”
• Return to “Carl Ellison <cme@tis.com>”
• Return to “Dave Horsfall <dave@esi.COM.AU>”
• Return to “hughes@ah.com (Eric Hughes)”
• Return to “jamesd@netcom.com (James A. Donald)”
• Return to “jamesh@netcom.com (James Hightower)”
• Return to “jkreznar@ininx.com (John E. Kreznar)”
• Return to “khijol!erc@apple.com (Ed Carp [Sysadmin])”
• Return to “Linn Stanton <lstanton@sten.lehman.com>”
• Return to “NetSurfer <jdwilson@gold.chem.hawaii.edu>”
• Return to “paul@poboy.b17c.ingr.com (Paul Robichaux)”
• Return to ““Perry E. Metzger” <perry@imsi.com>”
• Return to “Philip Zimmermann <prz@acm.org>”
• Return to “pstemari@bismark.cbis.com (Paul J. Ste. Marie)”
• Return to “Rick Busdiecker <rfb@lehman.com>”
• Return to “strick – henry strickland <strick@versant.com>”

• Return to “tcmay@netcom.com (Timothy C. May)”

• 1994-08-23 (Tue, 23 Aug 94 15:07:50 PDT) - Zimmermann/NSA debate postponed - Philip Zimmermann <prz@acm.org>
  • 1994-08-23 (Tue, 23 Aug 94 16:42:52 PDT) - Re: Zimmermann/NSA debate postponed - Rick Busdiecker <rfb@lehman.com>
    • 1994-08-24 (Tue, 23 Aug 94 17:03:56 PDT) - Re: Zimmermann/NSA debate postponed - strick – henry strickland <strick@versant.com>
    • 1994-08-24 (Tue, 23 Aug 94 17:48:32 PDT) - Re: Zimmermann/NSA debate postponed - tcmay@netcom.com (Timothy C. May)
      • 1994-08-24 (Tue, 23 Aug 94 20:14:16 PDT) - Re: Zimmermann/NSA debate postponed - khijol!erc@apple.com (Ed Carp [Sysadmin])
      • 1994-08-24 (Tue, 23 Aug 94 21:01:06 PDT) - Re: Zimmermann/NSA debate postponed - Rick Busdiecker <rfb@lehman.com>
        • 1994-08-24 (Tue, 23 Aug 94 21:41:28 PDT) - Re: Zimmermann/NSA debate postponed - tcmay@netcom.com (Timothy C. May)
          • 1994-08-24 (Tue, 23 Aug 94 22:11:13 PDT) - Re: Zimmermann/NSA debate postponed - cactus@bb.com (L. Todd Masco)
            • 1994-08-24 (Tue, 23 Aug 94 23:46:28 PDT) - Using PGP on Insecure Machines - tcmay@netcom.com (Timothy C. May)
              • 1994-08-24 (Wed, 24 Aug 94 02:29:54 PDT) - Re: Using PGP on Insecure Machines - cactus@bb.com (L. Todd Masco)
              • 1994-08-24 (Wed, 24 Aug 94 06:36:05 PDT) - Re: Using PGP on Insecure Machines - “Perry E. Metzger” <perry@imsi.com>
                • 1994-08-24 (Wed, 24 Aug 94 09:44:10 PDT) - Re: Using PGP on Insecure Machines - khijol!erc@apple.com (Ed Carp [Sysadmin])
                  • 1994-08-24 (Wed, 24 Aug 94 11:37:19 PDT) - Re: Using PGP on Insecure Machines - paul@poboy.b17c.ingr.com (Paul Robichaux)
                    • 1994-08-25 (Wed, 24 Aug 94 20:38:02 PDT) - Re: Using PGP on Insecure Machines - khijol!erc@apple.com (Ed Carp [Sysadmin])
                  • 1994-08-24 (Wed, 24 Aug 94 14:42:38 PDT) - Re: Using PGP on Insecure Machines - cactus@bb.com (L. Todd Masco)
                • 1994-08-24 (Wed, 24 Aug 94 10:42:16 PDT) - Re: Using PGP on Insecure Machines - jamesh@netcom.com (James Hightower)
                  • 1994-08-24 (Wed, 24 Aug 94 11:29:35 PDT) - Re: Using PGP on Insecure Machines - tcmay@netcom.com (Timothy C. May)
                  • 1994-08-24 (Wed, 24 Aug 94 11:55:55 PDT) - Surveying consumer demand for the info highway - jamesd@netcom.com (James A. Donald)
              • 1994-08-24 (Wed, 24 Aug 94 09:45:45 PDT) - Re: Using PGP on Insecure Machines - khijol!erc@apple.com (Ed Carp [Sysadmin])
                • 1994-08-25 (Wed, 24 Aug 94 17:46:10 PDT) - Re: Using PGP on Insecure Machines - Dave Horsfall <dave@esi.COM.AU>
                  • 1994-08-25 (Thu, 25 Aug 94 00:03:12 PDT) - Re: Using PGP on Insecure Machines - NetSurfer <jdwilson@gold.chem.hawaii.edu>
                    • 1994-08-25 (Thu, 25 Aug 94 16:29:03 PDT) - Re: Using PGP on Insecure Machines - Dave Horsfall <dave@esi.COM.AU>
                  • 1994-08-25 (Thu, 25 Aug 94 06:49:46 PDT) - Knuth (was Using PGP on Insecure Machines) - pstemari@bismark.cbis.com (Paul J. Ste. Marie)
              • 1994-08-24 (Wed, 24 Aug 94 16:36:21 PDT) - Re: Using PGP on Insecure Machines - Rick Busdiecker <rfb@lehman.com>
                • 1994-08-25 (Thu, 25 Aug 94 06:34:38 PDT) - Re: Using PGP on Insecure Machines - Linn Stanton <lstanton@sten.lehman.com>
          • 1994-08-24 (Wed, 24 Aug 94 04:30:28 PDT) - Actually using strong crypto on a routine basis. - jkreznar@ininx.com (John E. Kreznar)
            • 1994-08-25 (Wed, 24 Aug 94 18:55:56 PDT) - Re: Actually using strong crypto on a routine basis. - tcmay@netcom.com (Timothy C. May)
      • 1994-08-24 (Wed, 24 Aug 94 01:05:28 PDT) - Re: Zimmermann/NSA debate postponed - Dave Horsfall <dave@esi.COM.AU>
        • 1994-08-24 (Wed, 24 Aug 94 01:37:38 PDT) - PGP use - tcmay@netcom.com (Timothy C. May)
          • 1994-08-24 (Wed, 24 Aug 94 16:58:40 PDT) - Re: PGP use - Rick Busdiecker <rfb@lehman.com>
        • 1994-08-24 (Wed, 24 Aug 94 06:37:35 PDT) - Re: Zimmermann/NSA debate postponed - “Perry E. Metzger” <perry@imsi.com>
      • 1994-08-28 (Sun, 28 Aug 94 01:15:45 PDT) - Re: Zimmermann/NSA debate postponed - Carl Ellison <cme@tis.com>
        • 1994-08-28 (Sun, 28 Aug 94 10:24:43 PDT) - Re: Zimmermann/NSA debate postponed - alex <cp@omaha.com>
          • 1994-08-29 (Mon, 29 Aug 94 00:16:00 PDT) - Zimmermann/NSA debate postponed - hughes@ah.com (Eric Hughes)