From: Thomas Grant Edwards <tedwards@src.umd.edu>
To: bshantz@spry.com
Message Hash: 61ec5f23f940189bbf6165d98635c177643ed76745d41bad127de9955ae4e48c
Message ID: <Pine.SUN.3.91.941221144645.27493A-100000@zydeco.src.umd.edu>
Reply To: <199412211837.KAA09590@homer.spry.com>
UTC Datetime: 1994-12-21 19:54:59 UTC
Raw Date: Wed, 21 Dec 94 11:54:59 PST
From: Thomas Grant Edwards <tedwards@src.umd.edu>
Date: Wed, 21 Dec 94 11:54:59 PST
To: bshantz@spry.com
Subject: Re: GUI: PGP vs novices
In-Reply-To: <199412211837.KAA09590@homer.spry.com>
Message-ID: <Pine.SUN.3.91.941221144645.27493A-100000@zydeco.src.umd.edu>
MIME-Version: 1.0
Content-Type: text/plain
On Wed, 21 Dec 1994 bshantz@spry.com wrote:
> It is my own personal opinion that in order for crypto to truly become
> mainframe, the software manufacturers of internet connectivity packages must
> integrate crypto into the applications. Look at the past threads here on
> Cypherpunks..."How do I write a script to put PGP into ELM?" "PGP DLL
> modularity" etc.
That's true to some extent. I'd love to be able to have every message I
want signed and encrypted from PINE automagically. I could implement
this by requiring keystrokes at the editor level. But that isn't the
entire issue...
On the issue of signing, there is another question. Do I really want
to sign every message? I don't like signing my written name anywhere I
don't have to. And whenever I do, I am careful to look at all the
potential consequences. Signatures imply I am agreeing to some kind of
contract. Perhaps I prefer my email unsigned, to give me a level of
disputability. If my email was a business contract, then I'd be
enthusiastic about signing it. But for a post to a political newsgroup,
for instance, perhaps I don't want to make sure everybody can
cryptographically assure themselves it comes from me. This leaves me
open to potential forgery, but email forgery is well known and understood.
Finally is physical security of keys. If I am going to sign anything, I
want that key to be under control of only me. It is difficult for
someone like me who uses workstations to keep a key only on floppy,
especially as I find myself on different workstations, many diskless, all
the time.
-Thomas
Return to December 1994
Return to “Thomas Grant Edwards <tedwards@src.umd.edu>”