> > It is impossible to securely automate crypto. Using specialised
> > tamper-resistant hardware minimises risk, but that pesky passphrase is
> > still stored programmatically - it's just inside a black box with semi-
> > proprietary I/O, hardware and algorithms. If using a standard computer
> > to decrypt, it must be protected via additional mechanisms to minimise
> > risk. Semi-automated crypto is more secure - but then someone needs to
> > type a password somewhere. Automated private-key approaches should not
> > be used.

Incorrect. Perhaps the writer hasn't heard of the feature of secure
shell, where one can generate an authentication certificate, exchange it
with another machine, then run a secure shell session with another
machine, securely, WITHOUT needing a password.
 --
Ed Carp, N7EKG http://www.pobox.com/~erc 214/986-5870
Licensed Texas Peace Officer
Computer Crime Investigation Consultant

Director, Software Development
Escapade Server-Side Scripting Engine Development Team
http://www.squishedmosquito.com

Microsoft Front Page - the official HTML editor of Al Qaeda
Microsoft Hotmail - the official email of Al Qaeda

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]