Adrian 'Dagurashibanipal' von Bidder
Wed Apr 30 09:19:02 2003
On Wednesday 30 April 2003 03:15, Joseph Bruni wrote:
> If you were to try to use the Agent Forwarding feature, wouldn't that
> be (potentially) a lot of data over the wire? Maybe you only need to
> pass the session keys around, instead? Agent forwarding would be really
> cool if you logged in to a remote host and were able to decrypt files
> using a private key that was stored on your local computer's USB
> keychain. I don't think you'd want to pass all the data in this
I think you get it right: when I said 'pass the data around' I thought about
passing the data around which needs to be decrypted/signed with the actual
secret key. And this, of course, is only the session key for the block cipher
and not the whole message.
After all, the session key is only used once, and by decrypting things on a
remote machine, you trust it to some degree, you only don't want the actual
secret key leaving your machine (or, ideally, the operation would be done in
the USB dongle, so the secret key wouldn't even leave that).
The ants in France, stay mainly on the plants.
Signature policy: http://fortytwo.ch/legal/gpg/email.20020822?version=1.3&md5sum=14ca616f14682a82cb9cc25c9b34a10d
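The split discussed in this message, as an added example that is not part of the original thread and not GnuPG code: a hypothetical `LocalAgent` keeps the private exponent and only unwraps the session key, while the remote host decrypts the bulk data itself. It assumes a constructed demo key, unpadded textbook RSA, and a SHA-256 counter keystream standing in for the block cipher; all names are illustrative and none of this is suitable for real use.

```python
import hashlib
import secrets

# Constructed demo key built from two Mersenne primes (illustration only).
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
KEY_BYTES = (N.bit_length() + 7) // 8  # size of a wrapped session key


def keystream_xor(session_key: bytes, data: bytes) -> bytes:
    """Stand-in for the block cipher: XOR with a SHA-256 counter keystream."""
    out = bytearray()
    for i in range(0, len(data), 32):
        pad = hashlib.sha256(session_key + (i // 32).to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], pad))
    return bytes(out)


def encrypt(message: bytes):
    """Sender: fresh session key per message, wrapped with the public key."""
    session_key = secrets.token_bytes(16)
    wrapped = pow(int.from_bytes(session_key, "big"), E, N)
    return wrapped.to_bytes(KEY_BYTES, "big"), keystream_xor(session_key, message)


class LocalAgent:
    """Runs on the user's own machine; the private exponent never leaves it."""

    def __init__(self):
        self._d = pow(E, -1, (P - 1) * (Q - 1))
        self.bytes_in = self.bytes_out = 0  # traffic over the forwarded channel

    def unwrap(self, wrapped: bytes) -> bytes:
        self.bytes_in += len(wrapped)
        key = pow(int.from_bytes(wrapped, "big"), self._d, N).to_bytes(16, "big")
        self.bytes_out += len(key)
        return key


def remote_decrypt(agent: LocalAgent, wrapped: bytes, ciphertext: bytes) -> bytes:
    """Remote host: forwards only the wrapped key, decrypts the bulk locally."""
    return keystream_xor(agent.unwrap(wrapped), ciphertext)


def demo(size: int = 1_000_000):
    agent = LocalAgent()
    message = secrets.token_bytes(size)
    wrapped, ciphertext = encrypt(message)
    ok = remote_decrypt(agent, wrapped, ciphertext) == message
    return ok, agent.bytes_in, agent.bytes_out


if __name__ == "__main__":
    print(demo())  # agent traffic stays constant whatever the message size
```

The remote host does learn the session key, which is the degree of trust the message refers to; what stays on the local side is the long-term private key.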