From: Adam Shostack <adam@lighthouse.homeport.org>
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Message Hash: 5ace9aa67bf0456a576773001597f049854d397ea1fa1c15c8ea4443fa02977f
Message ID: <199511291558.KAA15623@homeport.org>
Reply To: N/A
UTC Datetime: 1995-11-29 16:08:09 UTC
Raw Date: Thu, 30 Nov 1995 00:08:09 +0800
From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Thu, 30 Nov 1995 00:08:09 +0800
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: key for Alice as promised (not)
Message-ID: <199511291558.KAA15623@homeport.org>
MIME-Version: 1.0
Content-Type: text
> > >Can you imagine?? I'm simply not willing to fool myself into thinking
> > >that I ahve security by posting a key and using PGP.
> >
> > Unless you can post some proof that PGP is insecure, stop insisting it is.
>
> PGP is really not the issue. The issue is more my security and the
> environment that I use PGP in. I don't have a trusted machine to run PGP
> on. Anyone who wants to can come up to machine and copy my secret keyring
> or they can even watch me typing my password in.
Threat, please?? Do people often stand over your shoulder as
you type? Enter your office, point guns at you, and take a backup of
your entire computer? Have you considered putting the secret keyring
on a floppy and locking it in your desk/safe when you're not actually
in the office? (Or home..)
> So, I don't fool myself, and I don't use PGP, except for things like
> exchanging a one-time pad with someone when I've already sent the message
> out across another delivery mechanism, like on a floppy delivered my
> courier.
I don't follow. You're claiming that PGP is good enough to
transfer OTPads, but not good enough to sign pseudononymous messages?
Adam
--
"It is seldom that liberty of any kind is lost all at once."
-Hume
Return to November 1995
Return to “Adam Shostack <adam@lighthouse.homeport.org>”
1995-11-29 (Thu, 30 Nov 1995 00:08:09 +0800) - Re: key for Alice as promised (not) - Adam Shostack <adam@lighthouse.homeport.org>