[KLUG Advocacy] PGP & Hushmail On NPR

[greenproc]

> I looked at them before.  Their web interface does all the encryption
> transparent to the user (they only enter their passphrase).  And (IIRC)
> everything is stored on their server encrypted, and the decryption is
> done locally in the browser (Java?) so even the hushmail admin(s) can't
> read your email.

"...When a user wishes to encrypt/decrypt data or verify/sign a 
signature, a connection is automatically made to a Hush Key Server to 
retrieve the necessary Public/Private Key..."

It would seem to be a bad practice to have a third party responsible for 
your Private/Public key pair -- even if they have a "secure" method.


> 
>  - BS
> 
> 
> _______________________________________________
> Advocacy mailing list
> Advocacy at kalamazoolinux.org
> 
>