Re: PGP scripting...
From: Ed Carp (erc@pobox.com)
Date: 01/10/03
- Previous message: Kenneth Buchanan: "RE: PGP scripting..."
- In reply to: Andrew MacKenzie: "Re: PGP scripting..."
- Next in thread: Craig Davison: "Re: PGP scripting..."
- Reply: Craig Davison: "Re: PGP scripting..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 10 Jan 2003 13:30:42 -0600 (CST) From: Ed Carp <erc@pobox.com> To: Andrew MacKenzie <edespot.com!andy@adsl-61-76-31.pns.bellsouth.net>
> > It is impossible to securely automate crypto. Using specialised
> > tamper-resistant hardware minimises risk, but that pesky passphrase is
> > still stored programmatically - it's just inside a black box with semi-
> > proprietary I/O, hardware and algorithms. If using a standard computer
> > to decrypt, it must be protected via additional mechanisms to minimise
> > risk. Semi-automated crypto is more secure - but then someone needs to
> > type a password somewhere. Automated private-key approaches should not
> > be used.
Incorrect. Perhaps the writer hasn't heard of the feature of secure
shell, where one can generate an authentication certificate, exchange it
with another machine, then run a secure shell session with another
machine, securely, WITHOUT needing a password.
--
Ed Carp, N7EKG http://www.pobox.com/~erc 214/986-5870
Licensed Texas Peace Officer
Computer Crime Investigation Consultant
Director, Software Development
Escapade Server-Side Scripting Engine Development Team
http://www.squishedmosquito.com
Microsoft Front Page - the official HTML editor of Al Qaeda
Microsoft Hotmail - the official email of Al Qaeda
- Next message: Jason Coombs: "RE: PGP scripting..."
- Previous message: Kenneth Buchanan: "RE: PGP scripting..."
- In reply to: Andrew MacKenzie: "Re: PGP scripting..."
- Next in thread: Craig Davison: "Re: PGP scripting..."
- Reply: Craig Davison: "Re: PGP scripting..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
