From: Martin Minow <minow@apple.com>
Date: Fri, 10 Oct 1997 01:43:57 +0800
To: cypherpunks@cyberpass.net
Subject: Re: What's really in PGP 5.5?
In-Reply-To: <de77e8eade35480a3e2553b5dbc0cd26@anon.efga.org>
Message-ID: <v03102801b062b6030c22@[17.128.202.170]>
MIME-Version: 1.0
Content-Type: text/plain



-----BEGIN PGP SIGNED MESSAGE-----

Anonymous, claiming to be Monty Cantsin, writes about PGP 5.5:
>
>Decrypting files and decrypting messages are not the same problem.
>The PGP product has SMTP support - it is explicitly designed to weaken
>transmitted messages.  Just like Clipper.
>
No, it isn't "just like Clipper." Messages encrypted with PGP 5.5
can be decrypted or verified by PGP 5.0 or other implementations that
can decode the PGP message and encryption format. Also, PGP 5.0 or other
complient implementations can send encrypted and signed messages to
PGP 5.5 users.

The transmitted message is as "weak" as the quality of the encryption,
the number of people who have access to the secret key, and the
quality of their passwords. It is also as "weak" as the physical
security that prevents passwords from leaking (i.e., by Tempest
or black bag wiretaps inside the secure user's workstation).

Given all of the other risks, encrypting to a corporate private
key doesn't seem to me to significantly increase the risk.

The real risk, to my view, is that some future implementation will
require the secondary key, and will require that that secondary
key be stored in a "government accessable" database. This, however,
seems a bit remote and, given that PGP publishes their source code,
reasonably easy to detect.

Martin Minow
minow@apple.com


-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv

iQCVAwUBND0KUG23+ciinrc5AQGvMgP9HKE4s/3FbjfFpvfC230wvHkjDd2HWyC1
lhVa/i9ayO8pZC/k+V06pGTZLcZ89a4X2r3fQGjj0QNghuotkV9xVVD9AzLTLX88
YPp2DQWDCjkWq4PzBB8IR6c+rH6AbuqtDAhfas/Rto/9DI7EJWqi3dZbi7tFm7jj
g2nTAFk9VVo=
=DkbK
-----END PGP SIGNATURE-----