secure fax (Re: email Crypto- third party)
adam@cypherspace.org
adam at cypherspace.org
Tue, 3 Aug 1999 00:09:21 +0100
Richard writes:
> In article <1.5.4.32.19990802065733.006c9cf8@192.168.0.65>, Donald
> Ramsbottom <donald@ramsbottom.co.uk> writes
>
> >It may suprise this list to know that many (if not all ) the large London
> >firms of solicitors habitually send correspondence by fax only.
>
> rather than ever generating a real letter ?
>
> > It is
> >cheaper,
>
> cheaper than 26p stamps I assume (or motorcycle couriers).
>
> It is in principle more expensive than email, although minimum pricing
> on telephone calls may obscure this.
>
> > and they know it has arrived as they get a print out that says so.
Why not have fax security which is negotiated between fax machines.
Add say a bump in the line encrypter you plug in between the fax
machine and the phone socket and do secure encryption in the bump.
Or do the same in software with a machine with a modem running fax
software with security extensions.
Do the security so that it negotaties and sends insecure faxes to fax
machines not supporting the security extension, and secure faxes to
those supporting it.
Has a nice smooth migration path towards security, and gives people an
interface and level of assurance of delivery they are used to.
Try to persuade solicitors firms you communicate with to buy and
install the hardware or software.
(Preventing MITM can be left for the version 2 hardware or software;
get forward secret diffie hellman key exchange deployed first).
Adam