Great Circle Associates Firewalls
(July 1996)

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: Encryption .. May be i am asking at the wrong place
From: Brian Murrell <Brian_Murrell @ bctel . net>
Date: Mon, 15 Jul 1996 08:02:54 -0700 (PDT)
To: bhalla @ wwonline . com
Cc: firewalls @ GreatCircle . COM
In-reply-to: <199607130409 . AAA12526 @ kimberlite . wwonline . com>

I'm probably going to get stomped for something or another in this, however
nothing ventured...

from the quill of N Bhalla <bhalla @
 wwonline .
 com> on scroll
<199607130409 .
 AAA12526 @
 kimberlite .
 wwonline .
> I was wondering I have read and heard a lot about pgp being the best
> package
> for data encyption which i do believe as well..

The best package for out of stream encryption, probably.

> But why are people still using other data encryption pacakages ..
> Why can't the unix password etc be also encrypted in PGP

Because PGP is not really suited to that task.

You need to separate PGP and RSA public key technology as concepts.  The
latter is a general method of obtaining keys for parties to which you need
to communicate securley, but have not done so in the past (i.e. you have no
channel over which you can exchange keys).  The former uses the latter to
encrypt data for another party, and/or to digitally sign data for another

> Why can't the cellular phones whose numbers are being tracked down by
> scanners not be encrypted in pgp ..

Several reasons.  PGP describes a method for two unintroduced parties to
encrypt and exchnage information.  It is an RSA key exchange as well as
session key selection and encryption.

The Cellular phone thing could probably start with RSA and move on from
there, not really having anything to do with PGP.

RSA is patented in the US and thusly would increase the cost of a cell
phone in a market that probably could not bear it.  There is already a
digital cellular phone (defacto??) standard which boasts security.  I know
very little about cellular phones however.

> Why can't we have pgp for firewalls .. etc ..

Again, because PGP encryption is meant to be done out of stream.  There are
RSA based key exchage systems for stream encryption standards emerging,
however they are not PGP per se.


Brian J. Murrell                                        Brian_Murrell @
 bctel .
BCTel Advanced Communications                                   brian @
 ilinx .
Vancouver, B.C.                                                brian @
 wimsey .
604 454 5279

Indexed By Date Previous: RE: Extending Financial Applications And Protecting via a Firewall
From: Todd Williams <TWilliams @ herald . com>
Next: Re: Dirty Dogs on AOL
From: NetSurfer <netsurf @ pixi . com>
Indexed By Thread Previous: Encryption .. May be i am asking at the wrong place
From: N Bhalla <bhalla @ wwonline . com>
Next: Re: Encryption .. May be i am asking at the wrong place
From: jgeuin @ ix . netcom . com (James L. Geuin)

Search Internet Search