<div dir="ltr"><div class="gmail_extra"><br><div class="gmail_quote">On Thu, Nov 3, 2016 at 4:06 PM, Henry Baker <span dir="ltr"><<a href="mailto:hbaker1@pipeline.com" target="_blank">hbaker1@pipeline.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">FYI --<br>
<br>
<a href="https://wikileaks.org/podesta-emails/emailid/43625" rel="noreferrer" target="_blank">https://wikileaks.org/podesta-<wbr>emails/emailid/43625</a><br>
<br>
Fw: hey</blockquote><div>...... </div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<br>
I was struck by the memo partly because it was first I had heard of it but much more because it was a sensitive doc bumping around on public email addresses.<br>
<br>
There is a very real threat to the security of our documents (particularly sensitive ones like the one you worked up), and we need to protect them by at least encrypting them.</blockquote><div> </div><div><br><br>So what did this wiki leak message tell us that we did not suspect or know?<br></div><div><br></div><div>I wonder what sensitive implies? <br>I also wonder what the option to public email addresses is?</div><div><br></div><div>It sounds to me as if he might have known about the big slurp in Yahoo.com</div><div>and perhaps Google. A public email would also be *.gov server to me.</div><div><br></div><div>The news is hot after private email servers like HC but this WL document implies</div><div>to me that private servers have the potential to be more appropriate</div><div>for sensitive messages. The news would have it be .gov to allow </div><div>a FOI request to come to play but that might be self serving for FoX and CNN.<br><br>Option example: If Henry and I wished to have private communications I might</div><div>setup a private server (local only) that we would connect to via</div><div>ssh or VPN. </div><div><br></div><div>i.e. Security could be done completely inside of barackobama-dot-com </div><div>with well chosen aliases and account names. <br><br>I have often speculated that the state department understood that their</div><div>dot-gov servers were insecure and that would have justified one or more personal server</div><div>behind famous domain names or IP-address. Aliases allow the translation of an</div><div>incoming name@domain to become diff-name@machine.subdomain.domain</div><div>behind a firewall and that be connected to via firewall pin holes. Alias changes<br>and subdomains behind a firewall are invisible and ephemeral. <br><br>Classified documents via electronic channels and US Mail are a tangle.<br>An invoice for toilet paper could (would) be marked: classified, secret, top secret</div><div>the instant the envelope is opened in a federal payment facility.</div><div>Yet it originated with the vendor with no clearance who still retains an unmarked copy.</div><div><br>Cryptography complicates the classification game. It is likely that a message encrypted with </div><div>a specific key be classified because of the key used not the content of the message.<br>In addition to the key used the method used might be classified. i.e. The changes</div><div>to method as the availability of quantum tools on the horizon will prove interesting as </div></div>expected availability of tools in the future and the security window of the content sensitivity</div><div class="gmail_extra">cross.</div><div class="gmail_extra"><br clear="all"><div><br></div>-- <br><div class="gmail_signature"><div dir="ltr"> T o m M i t c h e l l</div></div>
</div></div>