From: Paul Elliott <paul.elliott@hrnowl.lonestar.org>
To: gnu%toad.com.cypherpunks@toad.com (John Gilmore) (cypherpunks mailing list)
Message Hash: 3c22c94d84d34c23313048fe26b18165632d423a54f2c8ed0598e5cb83bc1564
Message ID: <315db746.flight@flight.hrnowl.lonestar.org>
Reply To: <9603260842.AA07183@toad.com>
UTC Datetime: 1996-03-31 06:45:00 UTC
Raw Date: Sun, 31 Mar 1996 14:45:00 +0800
From: Paul Elliott <paul.elliott@hrnowl.lonestar.org>
Date: Sun, 31 Mar 1996 14:45:00 +0800
To: gnu%toad.com.cypherpunks@toad.com (John Gilmore) (cypherpunks mailing list)
Subject: Re: MUSE (Mail Ubiquitous Security Extensions) discussion starting
In-Reply-To: <9603260842.AA07183@toad.com>
Message-ID: <315db746.flight@flight.hrnowl.lonestar.org>
MIME-Version: 1.0
Content-Type: text/plain
-----BEGIN PGP SIGNED MESSAGE-----
>
> Don Eastlake has written an internet-draft proposing to add signatures
> and encryption to the Internet mail-delivery system. The two big
> differences between his proposal and past proposals are:
>
> * They work at the "sendmail" level, not at the "mail reader"
> level. This doesn't give your mail complete end-to-end protection
> (unless you use "mail reader" encryption like S/MIME or PGP).
> But it's a lot easier to install and maintain; your sysadmin
> can do it for your whole site, instead of having to retrain
> every user.
>
One obvious problem with this is that since sendmail runs
at all times of day or night and since sendmail must have
the decryption keys, this means that the decryption keys may
be in the memory of a computer that may be unattended.
This scheme may be useful for its convenience, but many
users will only be willing to turst the computer with their keys
while there messages are actually being decrypted in their
presence.
Thus, many users will want to super encrypt with their own
personal keys.
Thus I believe that the above scheme should be implemented
for mail security between sites, but it should not be viewed
as a total solution.
- --
Paul Elliott Telephone: 1-713-781-4543
Paul.Elliott@hrnowl.lonestar.org Address: 3987 South Gessner #224
Houston Texas 77063
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3
Charset: cp850
iQCVAgUBMV229/BUQYbUhJh5AQFrIgP/eejmxUvAiRtJQfkHyrIZflQ6tQBz1PuB
Oxl31K+xnIYmpgIJHb2M+flpeTlOE+6DyIf3ZTB3UMHRqT1v5VrVmDy0ByrukrjF
KRbJTLO2yuDadZKEGKrm+n1FAleCpwuoQJTem7S5XQQts6FCscqaII61HNBkSC0V
JkDwN8ouYsk=
=YUcS
-----END PGP SIGNATURE-----
Return to March 1996
Return to “Paul Elliott <paul.elliott@hrnowl.lonestar.org>”