1994-08-25 - Re: Using PGP on Insecure Machines

Header Data

From: p.v.mcmahon.rea0803@oasis.icl.co.uk
To: cypherpunks@toad.com
Message Hash: c01c482156983a15dec06215d1c9f74ec0e994d7e112bdc7292c001011b56ef0
Message ID: <9408251730.AA13571@getafix.oasis.icl.co.uk>
Reply To: N/A
UTC Datetime: 1994-08-25 17:29:45 UTC
Raw Date: Thu, 25 Aug 94 10:29:45 PDT

Raw message

From: p.v.mcmahon.rea0803@oasis.icl.co.uk
Date: Thu, 25 Aug 94 10:29:45 PDT
To: cypherpunks@toad.com
Subject: Re: Using PGP on Insecure Machines
Message-ID: <9408251730.AA13571@getafix.oasis.icl.co.uk>
MIME-Version: 1.0
Content-Type: text/plain








James Hightower writes:
 
> Which brings me to the question; "What ARE people using, and what are
> they GOING to use?" Can anyone point me to a survey of the most used
 
> Consumer will be using so that we can be there with strong, usable
  ^^^^^^^^
    Who?

> crypto when he gets there.
                      ^^^^^
                      Where?

Or less tersely, which users of messaging are you interested in providing
crypto for? 

Apart from the Defence sector, there seem to be three main 
communities:

1 "Formal" inter-business electronic messaging using commercial
  value-added networks (VANs) - which are perceived as secure - and
  associated user agent software (which varies greatly). About fifty
  thousand North American companies are "there" already (for EDI,
  and at a cost). Leakage (due to high VAN costs) of formal
  messaging business from VANs onto the insecure Internet is not yet
  significant - although CommerceNet will doubtless fix that.

2 Intra-organisation nessaging based on LAN or corporate workflow and
  email systems. This has built both bottom-up and downwards (e.g. from
  PROFS or equivalent). The prevalent software is diverse, proprietary and
  volume. I don't have total market figures to hand, but as an example, the
  11JUL94 Government Computer News ranks MS Mail (Windows 3), cc:Mail
  (Windows), cc:Mail(DOS), MS Mail (PC Networks), and WordPerfect Office
  as the most preferred e-mail packages amongst Federal users. I would
  expect a similar list in most commercial email-enabled organisations
  (with the addition of Lotus Notes). Varying security facilities are 
  bundled within these packages already.

3 The "informal messaging" sector (including most Internet traffic).
  The associated software is more diverse and "open", but its users
  have a marginal and/or occasional need for end-to-end / message-transfer
  security.

Note: for both 1 and 2, an "insecure machine" (i.e.: with administrative 
intrusion potential into an individual's messaging security) is more likely
a requirement than a problem for medium/large corporations - as management
supervision and control over information assets need to be possible.

--

Tim May writes:

> I had assumed the poll was of *us*, which is both a manageable poll to
> take, and a useful one.

What would be done with the results?

---

James A. Donald says:

> High Tech industry has considerable experience with surveys of
> consumers for nonexistent products.
> 
> Such surveys are useless at best, and dangerous at worst.

On the other hand, how else do you find out whether a sufficiently
serious market exists to warrant investment in developing / productising
a technology ?


- pvm







Thread