[3070] in cryptography@c2.net mail archive
Re: practical encryption
daemon@ATHENA.MIT.EDU (Ian Brown)
Fri Jul 24 18:44:57 1998
From: Ian Brown <I.Brown@cs.ucl.ac.uk>
To: Mok-Kong Shen <mok-kong.shen@stud.uni-muenchen.de>,
cryptography <cryptography@c2.net>
Date: Fri, 24 Jul 1998 18:48:15 +0100
>Your idea is fine. However, 'so easy they don't know it's there'
>is difficult to achieve. Do you mean something, say, that Netscape
>incorporates into its products? There problems can arise.
As you say, it's difficult to get "so easy they don't know it's there" =
without building the crypto right into the program, with the resulting =
problems for mass-market US software. And the NSA of course don't fall =
for the crypto-with-a-hole line either.
But, something I've been working on is an e-mail equivalent to c2.net's =
HTTP tunnelling software. It's a POP3/SMTP proxy that sits on your =
workstation, PGP encrypting outgoing mail where a public key is =
available for the recipients, and decrypting incoming mail where you =
have the appropriate private key. It should work with any mailer that =
uses those protocols (I've only really tested it with Netscape so far). =
All the user needs to do is put in their passphrase at the appropriate =
time -- and that is IT.=20
It would be (hopefully) hard for the NSA to ban POP3 and SMTP ;)
The program's totally free; a beta version is available from =
http://www.cs.ucl.ac.uk/staff/I.Brown/enigma/ although at the moment =
it's only PGP 2.6.x compatible -- I'm working on the v5/OpenPGP =
compatibility, which shouldn't be long in coming.
Ian.
