[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Draft Minutes of OpenPGP

To: Ian Grigg <iang@xxxxxxxxxxxxx>
Subject: Re: Draft Minutes of OpenPGP
From: Len Sassaman <rabbi@xxxxxxxxxxx>
Date: Wed, 10 Aug 2005 09:47:09 -0700 (PDT)
Cc: ietf-openpgp@xxxxxxx
In-reply-to: <>
List-archive: <http://www.imc.org/ietf-openpgp/mail-archive/>
List-id: <ietf-openpgp.imc.org>
List-unsubscribe: <mailto:ietf-openpgp-request@imc.org?body=unsubscribe>
References: <> <>
Sender: owner-ietf-openpgp@xxxxxxxxxxxx

On Thu, 4 Aug 2005, Ian Grigg wrote:

> Currently, IM is mostly unsecured (there is this thing
> to do with SSL to the server, but as the threat is on
> the node, that's ignorable).  The way to approach
> securing chat (IMHO) is to layer OpenPGP over the
> top in a transparent fashion.

OpenPGP has a lot of characteristics that one wouldn't particularly want
in an IM privacy protocol. You might want to take a look at the "Off The
Record Messaging" system designed by Goldberg and Borisov. Their WPES
paper addresses the rationale behind ditching the OpenPGP threat model.

http://www.cypherpunks.ca/otr/#docs

(More generally, I agree with the sentiment that ASCII-armored OpenPGP is
important for use with other protocols besides email, and should be the
canonical format for OpenPGP, email and otherwise.)

Follow-Ups:
- Re: Draft Minutes of OpenPGP
  - From: Ian G

References:
- Draft Minutes of OpenPGP
  - From: Derek Atkins
- Re: Draft Minutes of OpenPGP
  - From: Ian Grigg

Prev by Date: Re: Draft Minutes of OpenPGP
Next by Date: "The OpenPGP mail and news header" extenssion
Previous by thread: Re: Draft Minutes of OpenPGP
Next by thread: Re: Draft Minutes of OpenPGP
Index(es):
- Date
- Thread