From: hughes@ah.com (Eric Hughes)
Date: Tue, 15 Feb 94 07:15:55 PST
To: cypherpunks@toad.com
Subject: PGP
In-Reply-To: <199402150738.XAA23905@netcom9.netcom.com>
Message-ID: <9402151507.AA22084@ah.com>
MIME-Version: 1.0
Content-Type: text/plain


A simple question:

>> Could someone EMAIL me where I could get a copy of PGP for my Netcom
>> account?  Thanks.  

An answer:

>I would like to emphasize that it is useless and a jeopardy to those
>who communicate with anyone on a public connect service such as Netcom
>using PGP.

Another rule of thumb I have:

	Never force someone to act in their own best interest.

How do you know what the best interests of someone else are?  How do
you know when they change?  Calling PGP on netcom "useless" is blind
foolishness.  Using PGP on netcom does not protect against netcom
administration or netcom access hackers, fine.  That does not make it
useless.

Did you ask who the correspondent was?  Perhaps the protection is
against a sysadmin on the _other_ end of the conversation.  Did you
ask if security is really needed?  Perhaps the person wishes to
practice and to integrate PGP into their software system.

Any potential "jeapordy" is contingent upon something bad happening as
a result of revelation on the netcom end.  This situation is not
always true, and likely not usually true.

>I don't mean to flame.  The danger and futility of using PGP on a
>multi-user, networked system seems non-obvious to a lot of folks.

You may not mean to flame, but you were indeed flaming:

	useless, jeapordy, danger, futility

Not one of these words is justified without more information about the
PGP user and their situation.

There are certainly risks involved in the stated use of PGP.
Sometimes these risks constitute a barrier to prudent use, sometimes
they do not.

Eric