From: "Erik E. Fair" (Timekeeper) <fair@cesium.clock.org>
Date: Wed, 21 Aug 1996 08:52:55 +0800
To: Simon Spero <ses@tipper.oit.unc.edu>
Subject: Re: Securing Internet mail at the MTA level
In-Reply-To: <v02140b24ae3fa8d7849e@[17.255.9.110]>
Message-ID: <7314.840575777@cesium.clock.org>
MIME-Version: 1.0
Content-Type: text/plain


While I agree in general, I think I'd rather see effort spent on
getting everyone on message security first, and worry about traffic
analysis later. My fear is that, having attempted (since it's unlikely
we'll ever manage to get 100%) to secure the transport, people will
stop worrying about message security, and let that slide.

To put it another way, the first order of business is to prevent
everyone from reading the mails. We can afford to worry about second
order effects like traffic analysis after message security is well
under way (say, 50% of all nominally private message traffic is
encrypted).

Or, put it yet another way: time for everyone to host a PGP key
signing party for your friends, neighbors, and co-workers!

	Erik E. Fair    fair@clock.org