Looking for feedback on Passive Privacy System

Robin O'Leary gnupg-devel at ro.nu
Thu Mar 15 22:27:11 CET 2001

On Thu, Mar 15, 2001 at 11:45:54AM -0500, Aaron Sherman wrote:
> On Thu, Mar 15, 2001 at 11:33:25AM +0000, Robin O'Leary wrote:
> > The Passive Privacy System proposal only considers the key exchange
> > process.  It is hard to see how the key exchange protocol could make an
> > initial offer, having no shared knowledge, while also being undetectable.
> > So the key exchange has to be open.  What you do with the keys then is
> > up to you and correctly not specified by PPS.
> Gee, I feel kind of odd. PPS *does* require that encryption be performed
> after initial key-exchange.

Well, it would be a bit silly to exchange the keys and not
use them, but it is still true that no specific encrytion
technique is required to use PPS.  Whether you then want to use
`gpg --encrypt' or `snakeoil --stego' doesn't matter, as long
as both parties agreed to do it the same way.  PPS just gives
them a way to agree and to exchange keys; it doesn't have to
do the crypto itself.

R.M.O'Leary <gnupg-devel at ro.nu>  PO Box 20, Swansea SA2 8YB, UK
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 360 bytes
Desc: not available
Url : /pipermail/attachments/20010315/6c8f9887/attachment.bin

More information about the Gnupg-devel mailing list