Self Decrypting Archives
Fri Jun 20 06:42:02 2003
Not sure what industry Jeff is in. In the health care industry in the US we
can simply point to the HIPPA regs and tell our vendors that need to run
something compatible with PGP and provide us with their public key.
Had one vendor that insisted on generating a new public key for us to use!
I've always wondered how they kept track of which pass phrase to use when
they had to decrypt.
Thankfully cooler heads prevail here and I could simply provide them with
the same Public key we provide everybody else.
But, to the point for Jeff. I'd simply ask them for their public key and
state that you'll send them an encrypted file.
Since we encrypt on a Linux box, it would be impossible for us to send a SDA
to those vendors that use Windows (and I know of at least two -- wish them
luck everytime we ship a file as they forget about the LF versus CR LF
From: John B [mailto:Yochanon@tds.net]
Sent: Thursday, June 19, 2003 4:50 PM
Subject: Re: Self Decrypting Archives
-----BEGIN PGP SIGNED MESSAGE-----
On Thursday 19 June 2003 16:07, Jeff Herrin wrote:
> Nobody is actually clicking on anything. The file creation, the
> the FTP transfers, the decryption is all done automatically by scripts
> are designed to specifically handle SDAs. I know they have the ability
> their commercial version of PGP to handle whatever I send them but their
> system is specifically looking to read from an FTP folder and decrypt it
> an SDA.
> Jeff Herrin
So tell them how *insecure* it is. It won't take any longer to truly
a message/whatever than to make the same message/whatever an SDA. Tell them
that if they're worried about being secure, they need to stop the SDA crud
and do it right and tell them they need to quit being so lazy. It's just
plain ridiculous to have a paid-for version of PGP on a windows machine, and
just use it for SDA's, it's just simply ludicrous.
"You will bring ussss.....A SHRUBBERY!"
These guys looked dangerous...and hungry,
so to placate them until I found a shrubber,
I fed them an MSN butterfly. They dined
quite happily it seemed.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
-----END PGP SIGNATURE-----
Gnupg-users mailing list
We're Moving June 20th!
600 University St, Suite 1400
Seattle, WA 98101
CONFIDENTIALITY NOTICE: This e-mail message, including any attachments, is for the sole use of the intended recipient(s) and may contain confidential and privileged information. Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply e-mail and destroy all copies of the original message.