Looking for feedback on Passive Privacy System
Robin O'Leary
gnupg-devel@ro.nu
Thu Mar 15 22:27:11 2001
--LZvS9be/3tNcYl/X
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Thu, Mar 15, 2001 at 11:45:54AM -0500, Aaron Sherman wrote:
> On Thu, Mar 15, 2001 at 11:33:25AM +0000, Robin O'Leary wrote:
> > The Passive Privacy System proposal only considers the key exchange
> > process. It is hard to see how the key exchange protocol could make an
> > initial offer, having no shared knowledge, while also being undetectabl=
e.
> > So the key exchange has to be open. What you do with the keys then is
> > up to you and correctly not specified by PPS.
>=20
> Gee, I feel kind of odd. PPS *does* require that encryption be performed
> after initial key-exchange.
Well, it would be a bit silly to exchange the keys and not
use them, but it is still true that no specific encrytion
technique is required to use PPS. Whether you then want to use
`gpg --encrypt' or `snakeoil --stego' doesn't matter, as long
as both parties agreed to do it the same way. PPS just gives
them a way to agree and to exchange keys; it doesn't have to
do the crypto itself.
Robin.
--=20
R.M.O'Leary <gnupg-devel@ro.nu> PO Box 20, Swansea SA2 8YB, UK
--LZvS9be/3tNcYl/X
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.0 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iQCVAwUBOrEzhuzqYp5jhQYZAQEk8wP+JgxpUGhtfoF3TeLsJMWVyq9bGZKTLNLR
fPfnvfwwRBfEbcq68Ud9rCH91rqEWGboS+jbNUtzjrhTDi/wVFyhzMosmMsy5RaB
v8nfec3NGGAS0mvPBn+E/TP5Saud01oOZOTV4TKG41gabLW7JipgH8wjPlJulGcy
dV9KtQFdkWg=
=Oeeb
-----END PGP SIGNATURE-----
--LZvS9be/3tNcYl/X--