Duane wrote:
Physical security is as important as digital, you loose the key all the
mail becomes just as readable unless you deleted it all after
reading/replying etc...
Well, right. But, and it's a big but, the protocol
designer cannot do much about it. The system has to
be built to deal with the realities that the user
might stuff up and lose the key.
What does this mean? OT1H, ignoring or assuming it
away can lead to errors in both directions. OTOH,
there isn't much that can be done except offer the
user the choice of the system under each of two
assumptions: a) you might lose your key, or b)
you take good care and the key is secure.
This is what makes protocol design so interesting -
walking the fine line presented by unknowables that
might be in conflict.
iang
_______________________________________________
mozilla-crypto mailing list
[EMAIL PROTECTED]
http://mail.mozilla.org/listinfo/mozilla-crypto
