Interesting People mailing list archives
more on Are the encryption wars really over? Maybe not
From: David Farber <dave () farber net>
Date: Fri, 27 May 2005 12:38:49 -0400
Begin forwarded message: From: Ed Gerck <egerck () nma com> Date: May 27, 2005 8:33:46 AM EDT To: dave () farber net Cc: Ip ip <ip () v2 listbox com> Subject: Re: [IP] Are the encryption wars really over? Maybe not Declan, I guess we all know what is blocking email encryption. We can't say it's legislation, anymore. It's just too darn difficult to do. Downloading Java applets doesn't help much, and you end up having to do your own key management even if you pay for a cert. As I have commented elsewhere (crypto list), the public-key model isalso backwards for email. It is similar to having to ask you for an envelope before I can send you postal mail, and trusting YOUR envelope to be secure
for MY document! OTOH, using "password security" to encrypt email is notsecure at all and just makes the recipient of your emails open to spoofing
and phishing.I invite anyone to try without cost a new model called ZMail, which provides end-to-end encryption without the user having to bother with anything crypto, even though it uses keys and certs. After all, why should anyone bother to learn and use cryptography principles, key management, key validation and other technical concepts when all you want to do is send and receive email without
problems? BTW, there is no key escrow. The user's login credentials are not stored anywhere either, not even the sysadmin could break the user's privacy. To try, please go to https://zsentry.com/mail/register_user.html Comments are welcome. Cheers, Ed Gerck
From: Declan McCullagh <declan () well com> Date: May 25, 2005 10:09:53 PM EDT To: politech () politechbot comSubject: [Politech] Are the encryption wars really over? Maybe not [priv]...I wouldn't be surprised if such a law would permit non-escrowed crypto to be used to secure communication streams while requiring .gov backdoors in crypto used for hard drive or file encryption. In other words, GPG and PGPdisk might become verboten. Programmers might sensibly scoff, but that's the way the Feds think.
-- ________________________________________________ I use ZSentry Mail Secure Email https://zsentry.com/R/index.html/edgerck () nma com ------------------------------------- You are subscribed as lists-ip () insecure org To manage your subscription, go to http://v2.listbox.com/member/?listname=ip Archives at: http://www.interesting-people.org/archives/interesting-people/
Current thread:
- more on Are the encryption wars really over? Maybe not David Farber (May 27)