1995-10-27 - Re: CJR returned to sender

Header Data

From: Derek Atkins <warlord@MIT.EDU>
To: Michael Froomkin <froomkin@law.miami.edu>
Message Hash: cb6cf2dbf289e0c2729b5edc482a2d248289324adf8ed1fb368550afa71ed8b3
Message ID: <199510271718.NAA07989@toxicwaste.media.mit.edu>
Reply To: <Pine.SUN.3.91.951027100225.10892F-100000@viper.law.miami.edu>
UTC Datetime: 1995-10-27 18:19:53 UTC
Raw Date: Sat, 28 Oct 1995 02:19:53 +0800

Raw message

From: Derek Atkins <warlord@MIT.EDU>
Date: Sat, 28 Oct 1995 02:19:53 +0800
To: Michael Froomkin <froomkin@law.miami.edu>
Subject: Re: CJR returned to sender
In-Reply-To: <Pine.SUN.3.91.951027100225.10892F-100000@viper.law.miami.edu>
Message-ID: <199510271718.NAA07989@toxicwaste.media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain


> If anyone from MIT is reading this, it would be a real public service to 
> put on a web site (a) what the system used for the release of PGP is 
> exactly and (b) what assurances (oral, written, names & dates) was 
> received from State/Commerce that this was legal.

I can explain (and have explained in this forum) the technical aspect
of how the MIT PGP site works.  I was not involved in the law aspect
of the debate, so I cannot answer legal questions.

There is a two-tiered protection scheme.  The first scheme is that you
need to know the secret directory where PGP resides.  This directory
changes location every 30 minutes, so any attacker has a 30 minute
window in which a name will be valid.  Not 30 minutes from the time
they receive it, 30 minutes from the time the directory last changed
names.

The second scheme involves using reverse DNS lookups and comparing the
DNS hostname to a list of know US-valid hostnames/domains.

An attacker needs to be able to circumvent both schemes at once in
order to get to PGP.

I can go into more detail if people want, or I can take this offline
if people prefer.

-derek

Thread

• Return to October 1995

• Return to November 1995

• Return to “Derek Atkins <warlord@MIT.EDU>”
• Return to “djw@pdcorp.com (Dan Weinstein)”
• Return to “Hal <hfinney@shell.portal.com>”
• Return to “hallam@w3.org”
• Return to “Jeff Weinstein <jsw@netscape.com>”
• Return to ““K. M. Ellis” <kelli@zeus.towson.edu>”
• Return to “Mats Bergstrom <asgaard@sos.sll.se>”
• Return to “Michael Froomkin <froomkin@law.miami.edu>”
• Return to ““Perry E. Metzger” <perry@piermont.com>”
• Return to ““Peter D. Junger” <junger@pdj2-ra.F-REMOTE.CWRU.Edu>”
• Return to “sameer <sameer@c2.org>”
• Return to “Scott Brickner <sjb@universe.digex.net>”

• Return to “tcmay@got.net (Timothy C. May)”

• 1995-10-25 (Tue, 24 Oct 95 23:21:12 PDT) - Re: CJR returned to sender - tcmay@got.net (Timothy C. May)
  • 1995-10-25 (Wed, 25 Oct 95 00:31:22 PDT) - Re: CJR returned to sender - sameer <sameer@c2.org>
  • 1995-10-25 (Wed, 25 Oct 95 05:54:51 PDT) - The real value of munition t-shirts (Re: CJR returned to sender) - “K. M. Ellis” <kelli@zeus.towson.edu>
  • 1995-10-25 (Wed, 25 Oct 95 07:05:43 PDT) - Re: CJR returned to sender - Michael Froomkin <froomkin@law.miami.edu>
    • 1995-10-25 (Wed, 25 Oct 95 09:53:17 PDT) - Re: CJR returned to sender - “Perry E. Metzger” <perry@piermont.com>
      • 1995-10-25 (Wed, 25 Oct 95 12:03:29 PDT) - Re: CJR returned to sender - Michael Froomkin <froomkin@law.miami.edu>
    • 1995-10-26 (Thu, 26 Oct 1995 19:41:12 +0800) - Re: CJR returned to sender - “Peter D. Junger” <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
  • 1995-10-26 (Thu, 26 Oct 1995 14:45:30 +0800) - Re: CJR returned to sender - Jeff Weinstein <jsw@netscape.com>
  • 1995-10-26 (Fri, 27 Oct 1995 01:33:44 +0800) - Re: CJR returned to sender - Hal <hfinney@shell.portal.com>
    • 1995-10-26 (Fri, 27 Oct 1995 03:50:26 +0800) - Re: CJR returned to sender - “Perry E. Metzger” <perry@piermont.com>
  • 1995-10-26 (Fri, 27 Oct 1995 06:17:50 +0800) - Re: CJR returned to sender - Jeff Weinstein <jsw@netscape.com>
    • 1995-10-27 (Fri, 27 Oct 1995 10:44:45 +0800) - Re: CJR returned to sender - “Peter D. Junger” <junger@pdj2-ra.F-REMOTE.CWRU.Edu>
      • 1995-10-27 (Fri, 27 Oct 1995 22:38:28 +0800) - Re: CJR returned to sender - Michael Froomkin <froomkin@law.miami.edu>
        • 1995-10-27 (Fri, 27 Oct 1995 23:47:33 +0800) - Re: CJR returned to sender - “Perry E. Metzger” <perry@piermont.com>
          • 1995-10-27 (Sat, 28 Oct 1995 01:26:09 +0800) - FTP export walls - Mats Bergstrom <asgaard@sos.sll.se>
        • 1995-10-27 (Sat, 28 Oct 1995 02:19:53 +0800) - Re: CJR returned to sender - Derek Atkins <warlord@MIT.EDU>
        • 1995-10-28 (Fri, 27 Oct 95 17:47:15 PDT) - Re: CJR returned to sender - djw@pdcorp.com (Dan Weinstein)
          • 1995-11-01 (Wed, 1 Nov 1995 08:02:46 +0800) - Re: CJR returned to sender - Scott Brickner <sjb@universe.digex.net>
            • 1995-11-01 (Wed, 1 Nov 1995 09:13:58 +0800) - Re: CJR returned to sender - Hal <hfinney@shell.portal.com>
              • 1995-11-01 (Wed, 1 Nov 1995 10:48:37 +0800) - Re: CJR returned to sender - hallam@w3.org