On Wed, 2007-07-04 at 13:56 -0700, Alex Daniloff wrote:
Hello SuSE folkz,
First your wrong only public keys should be exchanged. The list will have a public key which the subscribers will use to when sending messages to the list. In turn the list will use the keys of the user to encrypt messages to them and send them out. Your risk comes from outside agents who would seek to capture the server. Herein lies the risk which requires the use of memory not hard drive to store the lists public and private keys. If they reside in volatile memory then they can not be captured. If your really smart the host will reside headless in a confined space with a proximity alarm which reboots the server if the server is disturbed thus destroying the list keys. Using this protocol you have one final risk; picking who can be trusted to join the list since anyone once joining will still be able to read all messages but no business or government will be able. This is the basis of the Spitzer protocol. I have discussed it only a few times. No one has implemented it as of yet, though it would be ideal for use by both government and political activists. It has one primary risk as do all systems the people using it; who must be trusted to be mindful PKI and physical security of their systems. In this age of post 911 diminished freedom in America and increased, unlawful spying on civilians outside America we should all have copies of the source code and binaries of gnupg. -- ___ _ _ _ ____ _ _ _ | | | | [__ | | | |___ |_|_| ___] | \/ | \ /|\ || |\ / |~~\ /~~\ /~~| //~~\ | \ / | \ || | X |__/| || |( `--. |__ | | \| \_/ / \ | \ \__/ \__| \\__/ -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org