[146382] in cryptography@c2.net mail archive
Re: [Cryptography] Email and IM are ideal candidates for mix
daemon@ATHENA.MIT.EDU (Ray Dillinger)
Mon Aug 26 14:32:32 2013
X-Original-To: cryptography@metzdowd.com
Date: Mon, 26 Aug 2013 10:40:17 -0700
From: Ray Dillinger <bear@sonic.net>
To: cryptography@metzdowd.com
In-Reply-To: <20130825182811.5db9e3db@jabberwock.cb.piermont.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
On 08/25/2013 03:28 PM, Perry E. Metzger wrote:
> So, imagine that we have the situation described by part 1 (some
> universal system for mapping name@domain type identifiers into keys
> with reasonable trust) and part 2 (most users having some sort of
> long lived $40 device attached to their home network to act as a
> "home server".)
My main issue with this proposal is that somebody identifiable is going
to manufacture these boxes. Maybe several somebodies, but IMO, that's
an identifiable central point of control/failure. If this is deployed,
what could an attacker gain by compromising the manufacturers, via sabotage,
component modification/substitution at a supplier's chip fab, or via
secret court order from a secret court operating according to a secret
interpretation of the law?
Bear
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
