1997-10-17 - Re: consensus on pgp? can we consolidate for action?

Header Data

From: Bill Stewart <stewarts@ix.netcom.com>
To: “Attila T. Hun” <cypherpunks@cyberpass.net
Message Hash: 6b2278b162ee3221cb776c034a0376ca4c2a6ec00d8f8e0d31a44d1c5911b05d
Message ID: <3.0.3.32.19971017011816.00704ffc@popd.ix.netcom.com>
Reply To: <19971016.032545.attila@hun.org>
UTC Datetime: 1997-10-17 09:30:04 UTC
Raw Date: Fri, 17 Oct 1997 17:30:04 +0800

Raw message

From: Bill Stewart <stewarts@ix.netcom.com>
Date: Fri, 17 Oct 1997 17:30:04 +0800
To: "Attila T. Hun" <cypherpunks@cyberpass.net
Subject: Re: consensus on pgp? can we consolidate for action?
In-Reply-To: <19971016.032545.attila@hun.org>
Message-ID: <3.0.3.32.19971017011816.00704ffc@popd.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain



At 08:40 AM 10/16/1997 +0000, Attila T. Hun wrote:
>    I have not seen any further discussion on my suggestion to
>    create a sendmail type daemon which implements DH between
>    mail clients. this, of course, is on the presumption that DH 
>    is a wrapper for an already encrypted packet, 

DH between mail clients and servers is a really fine idea if you're
starting from scratch, but sendmail is such a wretched hive of
crime, corruption, and villainy that nobody in their right mind
really wants to mess with it.  You could implement it as a sendmail
extension using the EHLO stuff, but you'd have to go get people
to adopt it widely once you'd done it; I suppose if you could talk
Netscape and Eudora into adding DH exchange to their client code
and get it into a few popular servers, you'd have a large fraction 
of the Internet's email encrypted, which would be a Good Thing.
It'd still have some major traffic analysis issues,
and if you want to deal with the Man In The Middle problem,
you need a key distribution infrastructure, which is much harder.

An alternative approach is to encrypt everything using IPSEC,
and you don't have to mess with Sendmail, but there are
performance issues, and there's a lot of work getting it deployed also.
				Thanks!
					Bill
Bill Stewart, stewarts@ix.netcom.com
Regular Key PGP Fingerprint D454 E202 CBC8 40BF  3C85 B884 0ABE 4639






Thread