PGP/SSL/TLS really as secure as one thinks?

Matthew Petach mpetach at netflight.com
Mon Jun 10 14:39:43 UTC 2013


On Fri, Jun 7, 2013 at 8:25 AM, Joe Abley <jabley at hopcount.ca> wrote:

>
> On 2013-06-07, at 11:14, Jeroen Massar <jeroen at massar.ch> wrote:
>
> > On 2013-06-07 06:50, Dan White wrote:
> > [..]
> >
> > A nice 'it is Friday' kind of thought....
> >
> >> OpenPGP and other end-to-end protocols protect against all nefarious
> >> actors, including state entities.
> >
> > If you can't trust the entities where your data is flowing through
> > because you are unsure if and where they are tapping you, why do you
> > trust any of the crypto out there that is allowed to exist? :)
>
> Defence in depth. PGP-encrypt your transport stream and send it over TLS
> with client- and server-side certificate validation with a restricted CA
> list on each endpoint. Using IPsec. Through Tor. With the plain-text
> littered with code words that are meaningless except to your intended
> recipient, taken from a pre-shared (in-person) code book that changes every
> day.
>
> Then your Facebook sessions will be secure.
>

I was most of the way there, except I couldn't figure out
how to get a pre-shared codebook to all 5,000 of my
Facebook friends with minimal overhead...

And then it hit me...DIANETICS!

Thanks to you, L. Ron Hubbard, my code distribution
challenges are a thing of the past.  Just keep churning
out the endless volumes, and the rotating cypher-key
system will last for decades!

Matt

(for the humour-impaired:  ;-P )


