[ILUG] Question on an encryption system (using OSS)
rcunniff at stp.dias.ie
Tue Sep 13 14:58:52 IST 2005
On Tue, 13 Sep 2005, Proinnsias Breathnach wrote:
> The best way is to encrypt on a per user basis, using their keys (the
> one they care about not giving out). The problem is then that it can't
> really work too well on P2P networks. John's solution is quite elegant -
> especially if coupled with a memory-resident method of decryption on the
> user side. This decryption being based upon the users' personal gpg key
> (the one they won't leak on P2P)
Won't a motivated user just create a throwaway identity with a GPG key,
then stick said GPG key on the same P2P network?
What O'Reilly & Associates did with Safari was rely on *ongoing* value
to prevent people leaking their account details to anyone else. The use
an individual means to make of the service *tomorrow* is the disincentive
to screw ORA today.
But Braun is being quiet about the exact nature of his problem, so I've no
idea if this is relevant...
More information about the ILUG