[2729] in cryptography@c2.net mail archive
Re: Secure Office
daemon@ATHENA.MIT.EDU (Bill Frantz)
Wed May 20 14:06:24 1998
In-Reply-To:
<Pine.GSO.3.96.980520091153.3949A-100000@techreports.jpl.nasa.gov>
Date: Wed, 20 May 1998 10:36:18 -0800
To: "Jay D. Dyson" <jdyson@techreports.jpl.nasa.gov>,
Cryptography List <cryptography@c2.net>
From: Bill Frantz <frantz@netcom.com>
At 8:14 AM -0800 5/20/98, Jay D. Dyson wrote:
>-----BEGIN PGP SIGNED MESSAGE-----
>
>On Tue, 19 May 1998, Bill Frantz wrote:
>
>> > I have upwards of a dozen keys (mostly expired). I've put
>> >very few on the key servers.
>>
>> Also, there are a number of attacks you can prevent by not allowing your
>> opponent to have your public key.
>
> Namely?
Nonexhaustively: Factoring attacks on RSA. Knowing the public key also
gives access to unlimited plaintext/cyphertext pairs for known plaintext
attacks.
>
>> If you are paranoid, you might decide to treat your public key as a
>> "need to know" item.
>
> And what's to keep Friendly Joe User from submitting your pubkey
>*for* you? Many people I've known submit their entire keyrings to
>keyservers. And most keyservers I know don't honor remove requests
>(though they will honor key revocation certificates).
Nothing, except agreement between the people sharing the keys.
-------------------------------------------------------------------------
Bill Frantz | If hate must be my prison | Periwinkle -- Consulting
(408)356-8506 | lock, then love must be | 16345 Englewood Ave.
frantz@netcom.com | the key. - Phil Ochs | Los Gatos, CA 95032, USA
