[boulder.pm] forwarding a "nonmember" bounce from Joel
Walter Pienciak
walter at frii.com
Tue Jan 16 17:44:40 CST 2001
From: Joel Maslak <jmaslak at antelope.net>
To: boulder-pm-list at happyfunball.pm.org
Subject: Re: [boulder.pm] RFC on encryption approachwq
In-Reply-To: <Pine.BSF.4.30.0101161316250.97578-100000 at io.frii.com>
Message-ID: <Pine.LNX.4.21.0101161402210.12316-100000 at bigsky.antelope.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
On Tue, 16 Jan 2001, Walter Pienciak wrote:
> Obviously, this means encryption.
Only if you use public/private key encryption. If the encryption key can
decrypt the data, then it is NOT secure - period. The reason is that if
the encryption key can decrypt the data, an attacker can grab BOTH the key
and the data.
Here's what I'd do:
On the public system:
PUBLIC Key
Encrypted Data File (watch out for swap space and temporary files!)
It sends the file through some trusted means to the private system. On
the private system:
PRIVATE Key
Decrypted data
I hope this helps. As for which encryption routine, any asymetrical
algorithm should work. PGP would certainly work. I would also sign the
data with a private key stored on the public system (different from the
internal system's private key) so that the internal system can verify that
the right machine sent the data.
--
Joel Maslak
More information about the Boulder-pm
mailing list