From: Eric Hughes <hughes@soda.berkeley.edu>
To: cypherpunks@toad.com
Message Hash: 3e1735e0a8e172c942c2f35d934ddf647ef5c97007e6978b2e39a8506dc6808b
Message ID: <9210172209.AA29900@soda.berkeley.edu>
Reply To: <9210170556.AA009js@fnordbox.UUCP>
UTC Datetime: 1992-10-17 22:10:14 UTC
Raw Date: Sat, 17 Oct 92 15:10:14 PDT
From: Eric Hughes <hughes@soda.berkeley.edu>
Date: Sat, 17 Oct 92 15:10:14 PDT
To: cypherpunks@toad.com
Subject: Keystone
In-Reply-To: <9210170556.AA009js@fnordbox.UUCP>
Message-ID: <9210172209.AA29900@soda.berkeley.edu>
MIME-Version: 1.0
Content-Type: text/plain
First, let me congratulate Loyd and the others involved with Keystone
for working towards the creation of a local distribution mechanism for
keys.
Every city in the U.S. needs something like this. If it's not
happening in your area, start it. Start by getting PGP and making your
own key. Then exchange keys with people you know.
We have members of the list in many parts of the U.S., Canada, and
Europe. There's plenty of work to do. Look around. If no one else
is doing this, you should.
>Ideally, you would be able to send RSA-encrypted email from any bbs
>on any of the local nets to any other bbs -- even if all you know is
>the destination address. We're going to do this by attempting to make
>the bbs PGP-friendly. All the user has to do is generate a key pair.
There are, roughly speaking, two kinds of privacy; one is provided,
and one is defended. Provided privacy is unstable, since the person
using the privacy does not create it. Defended privacy is stable,
because those who want privacy create it themselves to the level at
which they want it. Both systems do provide privacy, no mistake.
I would be hesitant to implement a system that _only_ required a user
to generate a key pair. This, for the users, is too much provided
privacy. It will not teach the users how privacy really works, nor
will it give them any good idea how their privacy is being maintained.
Defended privacy does not need to be difficult. I would spend effort,
instead of modifying BBS software, to make it easier for users to
handle encrypted email with their own terminal programs.
Now, any privacy is better than none. I don't really know if it is
easier to modify your BBS or your modem program. But all other things
being equal, make it easier for users to maintain their own privacy.
>[...] a master keyring that will be regularly distributed via a
>trusted system to other nodes in town.
Again, trusted systems can turn into provided privacy. If there is a
distributed solution you can think up, use it.
>The first [weak link, line security] is almost insurmountable --
>unless the user takes the time to d/l a complete copy of PGP and the
>Austin Keystone Keyring and encrypt the mail on their home system.
This should not be such an onerous task. It might be now, but that
can change. Finding ways for users to manage keys, to get keys, and
to look up keys are all interesting and useful problems to solve.
Every user should encrypt outgoing mail on the home system before it
leaves and decrypt incoming mail on the home system after it arrives.
If this is not easy, it should be made easy.
Not every user need have the complete directory on their own system.
They merely need a way to communicate with those that they want to.
This probably means a directory service, where people can download
keys for the people they want to communicate with. Moving around a
complete directory does not scale well.
As far as BBS support, if I want to respond to someone and I don't
have the corresponding key, I should be able to initiate a zmodem
transfer of that key relatively easily, for instance without leaving
the discussion area to go to a download area.
Eric
Return to October 1992
Return to “fnordbox!loydb@cs.utexas.edu (Loyd Blankenship)”