Eugen* Leitl a href=http://leitl.org;leitl/a writes:
The passphrase locking idear won't fly, but a biometrics-lockable
wallet could. Isn't part of Pd envelope goal establishing a tamper-proof
compartment? We know Pd is evil, but once hardware support is everywhere,
one can as well use it for
On Mon, Mar 08, 2004 at 09:19:23AM +, Ben Laurie wrote:
And it doesn't even work in theory - once your PC is hacked, the
passphrase would be known the first time you used it.
True, but in the current threat model passphrase snarfing is yet negligible
(keyloggers look for credit card info,
Peter Gutmann wrote:
Eugen Leitl [EMAIL PROTECTED] writes:
A way that works would involve passphrase-locked keyrings, and forgetful
MUAs (this mutt only caches the passphrase for a preset time).
A way that works *in theory* would involve The chances of any vendor
of mass-market software
At 2:21 PM +0100 3/6/04, Eugen Leitl wrote:
Facultative strong authentication doesn't nuke anonynimity.
Perfect pseudonymity is functional anonymity, in my book...
Cheers,
RAH
--
-
R. A. Hettinga mailto: [EMAIL PROTECTED]
The Internet Bearer Underwriting Corporation
Eugen Leitl [EMAIL PROTECTED] writes:
A way that works would involve passphrase-locked keyrings, and forgetful
MUAs (this mutt only caches the passphrase for a preset time).
A way that works *in theory* would involve The chances of any vendor
of mass-market software shipping an MUA where
On Sun, Mar 07, 2004 at 01:26:47AM +1300, Peter Gutmann wrote:
Eugen Leitl [EMAIL PROTECTED] writes:
A way that works would involve passphrase-locked keyrings, and forgetful
MUAs (this mutt only caches the passphrase for a preset time).
A way that works *in theory* would involve The
At 1:14 PM +0100 3/6/04, Eugen Leitl wrote:
Filtering for signed/vs. unsigned mail doesn't make sense, authenticating
and whitelisting known senders by digital signature makes very good sense.
Right. A whitelist for my friends.
Of course, this doesn't help with people you don't yet know.
All
R. A. Hettinga [EMAIL PROTECTED] writes:
If we really do get cryptographic signatures on email in a way that works,
expect 80% of all spam to be blown away as a matter of course.
I think you mean:
If we really do get cryptographic signatures on email in a way that works,
expect 80% of all
At 8:56 AM -0800 3/7/04, Major Variola (ret) wrote:
Sure you will, if the groceries are in front of you, and the purchase or
possession of some of them you don't want associated with anything.
In this case the reputation of the grocer and/or your ability to assay
the
groceries (in meatspace)
At 10:56 AM 3/6/04 -0500, Steve Furlong wrote:
No, pseudonymity lets others identify messages on, say c-punks, as
coming from a particular sender. Reputation can work here, even with no
meat-space identity attached. Anonymity means reputation can't work, so
each message has to be taken on its
On Sat, 2004-03-06 at 10:32, R. A. Hettinga wrote:
At 2:21 PM +0100 3/6/04, Eugen Leitl wrote:
Facultative strong authentication doesn't nuke anonynimity.
Perfect pseudonymity is functional anonymity, in my book...
No, pseudonymity lets others identify messages on, say c-punks, as
coming
/resource/printable/article/0,aid,115094,00.asp
PCWorld.com
Earthlink to Test Caller ID for E-Mail
New systems could fight spam and Internet scams, company says.
Paul Roberts, IDG News Service
Friday, March 05, 2004
ISP Earthlink will soon begin testing new e-mail security technology
12 matches
Mail list logo