public-key: the wrong model for email?
Anne & Lynn Wheeler
lynn at garlic.com
Sat Sep 18 12:19:20 EDT 2004
At 12:53 PM 9/16/2004, Ed Gerck wrote:
>If the recipient cannot in good faith detect a key-access ware, or a
>GAK-ware, or a Trojan, or a bug, why would a complete background
>check of the recipient help?
a "complete audit and background check" ... would include an audit of the
recipient ... not just the recipient person .... but the recipient ... as
in the recipient operation.
so given sufficient sender concern, checking might be similar to something
that the federal reserve has specified for a fedwire terminal .... although
the announcement about allowing fedwire access via the internet has raised
some eyebrows. i'm sure that such things don't happen .... but could all
the stuff about swift providing internet-oriented services been some
motivation?
the issue for the sender is that they could be concerned about a number of
different possible vulnerabilities ... and complete audit and background
check would be to try and cover all the bases ... aka the leakage of a
classified document wouldn't solely be restricted to technical subversion.
--
Anne & Lynn Wheeler http://www.garlic.com/~lynn/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list