ietf-openpgp
[Top] [All Lists]

Re: Plausible deniability (a feature to think about)

2005-09-22 08:22:07

On Thu, Sep 22, 2005 at 06:28:33AM -0500, Brian G. Peterson wrote:

We were most concerned with chain of evidence and verifiability, not 
plausible 
deniability.

Different people have different concerns, I suppose.

In the real world, most human rights organizations already have 
extensive methods of verifying information that is provided to them, and 
informers have elaborate methods of communicating that information, that only 
rarely involves electronic communication, encrypted or otherwise, becasue of 
the danger of interception.

The "real world" keeps changing. If you can make something cheaper, more
reliable, simpler, etc., why stop short of doing so?

Also, I am not convinced that what you're stating is universally true.
AFAIK, PGP has been quite popular with activists since its very first public
releases.

In a country (like China) where much/most 
private use of encryption is disallowed anyway, sending *any* encrypted 
message is a risk that most human rights workers and informers will not take.

The world is not black and white. "Countries like that"  are not the only
places where basic human rights are under assault, and not even necessarily
by the government. There's a large number of considerably
less-than-democratic  governments that for one reason or another must
maintain  a democratic facade. And again, the government is not necessarily
the threat you're caring about.

I don't think that OpenPGP needs a new shared-secret method of communication, 
or that the spec needs another wrinkle for implementors to chew on.

It would be obviously optional, and as outlined in the first email of the
thread, not much of a trouble to design or implement.

Bests,

-- 
Daniel