From: Tatu Ylonen <ylo@cs.hut.fi>
Date: Thu, 13 Jul 95 15:42:14 PDT
To: hayden@krypton.mankato.msus.edu
Subject: Re: Crisis Overload (re Electronic Racketeering)
In-Reply-To: <Pine.ULT.3.91.950713140141.8587C-100000@krypton.mankato.msus.edu>
Message-ID: <199507132241.BAA18366@shadows.cs.hut.fi>
MIME-Version: 1.0
Content-Type: text/plain


> massive use of cryptography started.  This means, and I advocated this 
> from the day I entered this forum, that programs such as PGP need to be 
> redesigned so that the a user friendly . . . so user friendly that any 
> Joe Moron can figure out not only how to use them, but also how it helps 
> them and how it is "good" for them.  This means that we need simplified 
> key management easy enough for the point-and-click masses to utilize.  
> This means that common mailing programs, From Elm and Pine to AOLs and 
> Computer$erve's mailers need to have TRANSPARENT signing of mail messages 
> and near-transparent encryption of messages.  This means that we need to 

I agree.  If you forgive me for again taking the opportunity to
advertise SSH, one goal was to make it as simple to use as possible.
To get all the benefits of encryption and most benefits of improved
authentication, the users need to know absolutely nothing in addition
to what they need to know with rlogin.  Plus, there are many
convenient features, such as automatic X11 forwarding (encrypted;
DISPLAY is set to point to a fake display), command exit status is
returned properly, etc.

Of course, rlogin and rsh are much less important applications for the
general public than e-mail.  I think the currently the most critical
problem areas are exactly e-mail and interactive messaging programs
(like irc, rwrite etc).

Most mail (at least on the internet) is currently propagated
automatically from the sending host to the receiving host.  A fairly
simple, 90% of the benefit at 10% of the effort solution could be to
have sendmail (or equivalent) encrypt all communications that go
through the network.  This would make electronic mass surveillance and
scanning difficult.  It is much more expensive (and dangerous
publicity-wise) to read messages by breaking into a computer system.
This kind of system could be installed without the user even being
aware that something like that is in use.  It is not a perfect
solution - some sites will not support encryption, and some messages
might get sent without it.  Still, the bulk of the messages would be
encrypted, and any really sensitive data could be additionally PGP (or
similar) encrypted.  The procotol and implementation would have to be
well made and established as internet standards.

    Tatu Ylonen <ylo@cs.hut.fi>

For more information about SSH, see http://www.cs.hut.fi/ssh.