1994-11-29 - Re: Transparent Email

Header Data

From: eric@remailer.net (Eric Hughes)
To: cypherpunks@toad.com
Message Hash: d3e1e24efa6aa0f1838f2274431f96b3446baf57c2028f653c9abc9de7df2bb2
Message ID: <199411291608.IAA03269@largo.remailer.net>
Reply To: <199411290803.CAA00300@omaha.omaha.com>
UTC Datetime: 1994-11-29 15:10:01 UTC
Raw Date: Tue, 29 Nov 94 07:10:01 PST

Raw message

From: eric@remailer.net (Eric Hughes)
Date: Tue, 29 Nov 94 07:10:01 PST
To: cypherpunks@toad.com
Subject: Re: Transparent Email
In-Reply-To: <199411290803.CAA00300@omaha.omaha.com>
Message-ID: <199411291608.IAA03269@largo.remailer.net>
MIME-Version: 1.0
Content-Type: text/plain


   From: Alex Strasheim <alex@omaha.com>

re: signature checking at the toad.com server

   It seems to me that such a rule would stifle discussion and encourage 
   people to store their keys on insecure accounts.

Good!  That means they'll have generated a key.

One of the problems with cryptography generally is a prevailing
attitude that crypto isn't worth using unless it provides security as
complete as it can offer.  I reject this attitude.  Partial security
is better than no security.  Protection against some threats is better
than no protection.  Storing a key on a public machine is OK, just
fine, hunky-dory, just so long as it doesn't induce false beliefs
about a lack of protection from sysadmins and other roots.

   The real solution is to try to build tools which will make it so easy to 
   use crypto that there's simply no reason not to do it.

Sure.  No argument.

I will disagree, however, with a conclusion that insists that these
tools have to be the first to be built.  Partial progress is desirable.
Or to put it the words of the old homily:

Don't let the best become the enemy of the good.

Eric





Thread