From: pmetzger@shearson.com (Perry E. Metzger)
To: hughes@soda.berkeley.edu
Message Hash: 8a65c6cae89f7eebdee8e78ef9b1c3fb3db9b17901a1c57399dcbd6f934ea8e8
Message ID: <9211301806.AA08378@newsu.shearson.com>
Reply To: <9211301721.AA17060@soda.berkeley.edu>
UTC Datetime: 1992-11-30 19:49:21 UTC
Raw Date: Mon, 30 Nov 92 11:49:21 PST
From: pmetzger@shearson.com (Perry E. Metzger)
Date: Mon, 30 Nov 92 11:49:21 PST
To: hughes@soda.berkeley.edu
Subject: Secure key exchange
In-Reply-To: <9211301721.AA17060@soda.berkeley.edu>
Message-ID: <9211301806.AA08378@newsu.shearson.com>
MIME-Version: 1.0
Content-Type: text/plain
>From: Eric Hughes <hughes@soda.berkeley.edu>
>>There is no secure method of exchanging public keys using only the
>>net. [spoofing, etc.]
>As mentioned by Hal, the new PGP 2.1 (imminent) has a feature to
>create an hash or a public key which can be read over the telephone to
>make sure that a key transmitted electronically has not been altered
>in transmission.
Just to point out, though, this is not foolproof. A good impressionist
can fool people, especially if they are extremely skilled. A person
with Rich Little's or Peter Sellers' level of skill can sound
astonishingly like the original person (although a sound spectrograph
isn't fooled, other humans can be).
Perry
Return to November 1992
Return to “pmetzger@shearson.com (Perry E. Metzger)”