Re: PGP scripting...

From: Andrew MacKenzie (amackenz@edespot.com)
Date: 01/08/03

Next message: Jason Coombs: "RE: PGP scripting..."

Previous message: Andrew MacKenzie: "Re: PGP scripting..."
In reply to: Chris Matthews: "RE: PGP scripting..."
Next in thread: Jason Coombs: "RE: PGP scripting..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Wed, 8 Jan 2003 14:23:21 -0500
From: Andrew MacKenzie <amackenz@edespot.com>
To: Chris Matthews <chris@masc.ca>

> I believe the original question involved more of a dynamic modification
> of data on the machine's harddrive. If this is the case, and automatic
> encryption/decryption would require the public/private keys.
Actually, modification of the data isn't necessarily a large concern, so
much as an intruder viewing the data. I actually hadn't quite thought of
an intruder modifying the data though. But, since we are not only
encrypting the data, but signing it as well (I hadn't mentioned that) then
perhaps we are covered for that?

> Which key is being used to encrypt the data? If the public key is being
> used (and bear with me; my pgp theory is foggy this morning :), then
> technically anyone that has that public key can corrupt your encrypted
> data. If the private key was used, then anyone with the public key can
> easily decrypt it. This means that both keys need to be kept "secret",
> or am I mistaken on this?
Encrypting with public key, signing with private.

> Perhaps you should propose to your client a reevaluation of what exactly
> you're trying to protect and then try to find an encryption solution
> that more closely matches your requirements.
This is the difficult part (imho). The client (like many) doesn't always
know just what they want, just that they want things secure. From who?
Why? How? They're not sure. They have another security consultant who is
supposedly determining these (and I don't get insight into this).

-- 
// Andrew MacKenzie  |  http://www.edespot.com
// perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'

application/pgp-signature attachment: stored

Next message: Jason Coombs: "RE: PGP scripting..."
Previous message: Andrew MacKenzie: "Re: PGP scripting..."
In reply to: Chris Matthews: "RE: PGP scripting..."
Next in thread: Jason Coombs: "RE: PGP scripting..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: How to encrypt/decrypt a file
... server. ... The client is given the public key so they can decrypt stuff the ... What you are doing (encrypting with servers private key .. ...
(microsoft.public.dotnet.security)
Re: More CryptImportKey/NTE_BAD_KEY issues
... > generate and maintain a selection of keys to be kept within our own keystore ... > for encrypting this data. ... >> key is apparently a public key that correspond to private key stored on ... >> computer A in a key container that you are opening with CryptAcquireContext ...
(microsoft.public.platformsdk.security)
Re: General PKI Question
... contains their certificate and public key). ... > "If you're encrypting a message your software obtains it from a PKI." ... >> a message your software will attach your digital certificate to the ...
(microsoft.public.security)
Re: General PKI Question
... "If you're encrypting a message your software obtains it from a PKI." ... > encrypt the message with the intended recipient's public key. ... >> message using their private key and the recipients public key, ...
(microsoft.public.security)
RE: using certificates in Outlook for encryption
... they don't know what a public key is from a head gasket. ... > - Go to contacts and open the contact, go to the certificate ... > Encrypting an email is the act of you ... outlook will obtain public keys of other people ...
(Focus-Microsoft)