From: Marc Horowitz <marc@cam.ov.com>
Date: Tue, 1 Aug 95 13:36:30 PDT
To: fc@all.net (Dr. Frederick B. Cohen)
Subject: Re: What do I use?
In-Reply-To: <9508012013.AA14958@all.net>
Message-ID: <199508012037.QAA18078@dun-dun-noodles.cam.ov.com>
MIME-Version: 1.0
Content-Type: text/plain


In message <9508012013.AA14958@all.net>, fc@all.net (Dr. Frederick B. Cohen) writes:

>> I never recommend a solution without knowing a fair amount about the
>> specific challenge it is supposed to address.  I typically start with
>> an understanding of the general environment, the financial and/or
>> human issues, the threat profile, the protection environment, the
>> other dependencies and protection factors, and other factors related
>> to the reasons for protection.  Once I have this understanding, I make
>> value judgements about how much I trust things relative to the
>> requirement for trust and other limitations presented by the
>> situation.

Ok.  IMHO, that's a perfectly valid position.  Under what
circumstances do you consider pgp to be a suitable tool?  Do you think
there is a better tool under similar circumstances?

		Marc