From: Adam Shostack <adam@bwh.harvard.edu>
Date: Mon, 19 Dec 94 15:37:35 PST
To: andrew_loewenstern@il.us.swissbank.com (Andrew Lowenstern)
Subject: Re: c'punks top 5
In-Reply-To: <9412192242.AA02002@ch1d157nwk>
Message-ID: <199412192332.SAA00946@spl.bwh.harvard.edu>
MIME-Version: 1.0
Content-Type: text/plain


Andrew wrote:

| 1.  anonymous http proxy servers ("re-webbers")
| 2.  PGP compatible crypto library

	Whats wrong with PGPtools?  (A lack of documentation.  Been a
while since I looked, but I think it lacked a high level interface.
The low level stuff is great, but on the mac, I can send an Appleevent
"Encrypt *file recipient" and, some extended period later, get a
response.

| 3.  reply-able remailers that are secure and easier for the recipient
| 4.  better remailer security (dc-nets)
| 5.  socket-based keyserver interface for real-time automagic key
|     fetches

	Who needs real time?  The servers are often bogged down and
don't respond in real time anyway.  The following procmail works fine.
Theres also a short shell script at the end.

# prevent bounces, add keys to ring.
:0
* From bal@swissnet.ai.mit.edu
{
   :0
   * >10000
   /dev/null

   :0
   *Subject:.*no keys match
   /dev/null

   :0E
   | pgp +batchmode -fka 
}


# auto key retreival
# I have an elm alias, pgp, points to a keyserver
# The logfile gets unset briefly to keep the elm lines out of my
# logfile.


:0BW
* -----BEGIN PGP
*!^FROM_DAEMON
KEYID=|/usr3/adam/bin/sender_unknown

LOGFILE=

:0ac
|elm -s"mget $KEYID" pgp

LOGFILE=$MAILDIR/.procmail.log



 /usr3/adam/bin/sender_unknown:

#!/bin/sh
# unknown returns a keyid, exits 1 if the key is known
# $output is to get the exit status. Othierwise, this would be a one liner.
OUTPUT=`pgp -f +VERBOSE=0 +batchmode  -o /dev/null`
echo $OUTPUT | egrep -s 'not found in file'
EV=$? 
if [ $EV -eq 0 ]; then 
	echo $OUTPUT | awk '{print $6}' 
fi
exit $EV






-- 
"It is seldom that liberty of any kind is lost all at once."
						       -Hume