Opportunistic Encryption [Was: Keys not trusted]

[Todd]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Jason Harris wrote:
> On Tue, May 13, 2003 at 05:52:47PM +0400, Yenot wrote:
>>     In order to protect the masses, we need opportunistic encryption.
>
> Protect them asses from what and/or whom?

Them asses or the masses?  (I know, often there isn't a difference. :)

> If they don't have a threat model, maybe they have nothing to defend.

One thing that opportunistic encryption helps stop is the passive (and
massive) eavesdropping that is a favorite of police states (e.g. carnivore).

Sure, it doesn't stop MITM attacks, but it does severely limit who can see
your email contents and what it will cost them to try.  Plus, in general,
the increase in encrypted traffic is a benefit to all.  It takes effort for
the eavesdroppers to figure out which messages and users are using weak (or
non-existent) trust models/policies and which users are not.  This slows
them down.  If major governments want to spy on everyone, why not make it as
hard for them as possible?

- -- 
Todd              OpenPGP -> KeyID: 0xD654075A | URL: www.pobox.com/~tmz/pgp
============================================================================
Choose in marriage only a woman whom you would choose as a friend if she
were a man.
    -- Joubert

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)
Comment: When crypto is outlawed bayl bhgynjf jvyy unir cevinpl.

iD8DBQE+wmXxuv+09NZUB1oRApjkAJ9GWgqlTXkMlQoVaZmpxFHjOJ5NLgCfYRoK
gRHKocbGZJ2KHy+acjw7Q/c=
=4jDF
-----END PGP SIGNATURE-----