On Monday 23 September 2002 08:12 am, F J Franklin wrote: > I don't think so. On the subject, what types of encryption would you > consider appropriate/sufficient/adequate? In the case of > public/private key encryption, how should AbiWord handle it (if/when > it does)? > > A thought: encrypting on export with author's private key, with a > URL for the author's public key - which gets loaded automatically on > import? Optionally vice versa. (Need to check the W3C's encryption > standard.) >
Interesting -- what you describe it the way to authenticate (that is, guarantee that what is read was written by the purported author) -- however, it does nothing for keeping the contents a secret -- anyone with the author's public key can read it -- so I would say this is definitely backwards for that purpose. There is probably a need to support several possibilities: For authentication: * encrypt with the author's private key -- anybody can view contents with author's public key, but if the author's public key has been properly "safeguarded / authenticated" you can be sure it was written by the author For personal secrecy: * encrypt with the author's public key -- only the author can read it (using his private key) For "transactional" secrecy: * encrypt with the addressee's public key -- only the addressessee can read it (using his private key) And, if you are sending a secret to multiple addressees, I'm sure there is a way to handle it, but we should learn what it is -- having several different encryptions of the same message may make it easier to break the encryptions (I'm not really sure) -- you may have to do something like encrypt it with your private key and then send separate copies encrypted with each addressee's public key. All of this has been considered "in the literature" and AbiWord should conform to the appropriate standards (whatever they are). Randy Kramer ----------------------------------------------- To unsubscribe from this list, send a message to [EMAIL PROTECTED] with the word unsubscribe in the message body.
