1995-10-31 - Re: Keyed-MD5, ITAR, and HTTP-NG

Header Data

From: James Black <black@eng.usf.edu>
To: Rich Graves <llurch@networking.stanford.edu>
Message Hash: 78903bdcd5eb3a5e09138b067097937e290bac5546d5345d50a937533039abc1
Message ID: <Pine.SUN.3.91.951030203059.17469B-100000@yes>
Reply To: <Pine.ULT.3.91.951030172150.26310H-100000@Networking.Stanford.EDU>
UTC Datetime: 1995-10-31 02:30:26 UTC
Raw Date: Tue, 31 Oct 1995 10:30:26 +0800

Raw message

From: James Black <black@eng.usf.edu>
Date: Tue, 31 Oct 1995 10:30:26 +0800
To: Rich Graves <llurch@networking.stanford.edu>
Subject: Re: Keyed-MD5, ITAR, and HTTP-NG
In-Reply-To: <Pine.ULT.3.91.951030172150.26310H-100000@Networking.Stanford.EDU>
Message-ID: <Pine.SUN.3.91.951030203059.17469B-100000@yes>
MIME-Version: 1.0
Content-Type: text/plain


Hello,

On Mon, 30 Oct 1995, Rich Graves wrote:

> On Mon, 30 Oct 1995, Doug Hughes wrote:
> 
> I would think that you would worry more about your users getting a false
> sense of security from storing secret keys on a large multiuser system
> than about being held liable for naughty PGP-encrypted traffic. I don't 
> see how you could be held liable anyway. How is PGP that much different 
> from allowing your users to set a password on their account? It makes it 
> harder for root to invade their privacy, but in general, we have very 
> stringent requirements that must be satisfied before we'll read user 
> directories or mail.

  As a student I am concerned with the false security, and that was 
mentioned while we were talking (today).  As to liability, it is 
important that no one can come back and hold the school liable.  Once the 
messages can be encrypted then it is harder to read the messages, but not 
impossible, unless the students keep the key on a disk, and just ftp it 
into the account everytime.  The fact is that that won't be the rule, so 
the admin can still read messages, but there will need to be clear-cut 
reasons for them to do that (IMOHO).  I am curious what requirements must 
be met.  I guess there are more schools that allow this than I expected 
<g>.  Well thanx for replying.  Take care and have fun.

James Black
black@suntan.eng.usf.edu





Thread