--
James A. Donald:
> > > it is regrettable that disk encryption is not part of
> > > the operating system -- but if Microsoft put it in
> > > before we had a strong, widely adopted system, they
> > > would doubtless muck it up.Dr Evil > Microsoft does support encrypted disks. So they do: http://www.microsoft.com/WINDOWSXP/pro/techinfo/administration/recovery/DataProtection.doc Unfortunately the default encryption is single DES, which can be broken by anyone with sufficient money and patience. Non US users cannot change this default, and the ordinary US user will not change this default. They now generate a key pair associated with every XP user. Wow! Universal public and secret keys, not one per true name, but one per login identity you create on your PC! At last, the universal public key cryptography infrastructure we have all been waiting for! The documentation says that this key infrastructure is available for everyone, though Microsoft's email program does not seem aware of this. Outlook express insists on certified keys, though very few people, other than web site operators, seem willing to jump through all the hoops needed create and maintain certified keys. Right now these universal keys are only used in file recovery (the symmetric key is encrypted to the administrator's public key.) But if one has universal public key pairs linked to one's computer login, the obvious thing is to use them in communication. Of course there is no one to one relationship between email addresses and login ids, so one would need to wrap the encrypted body in a header that says that it can only be read on machine so and so, by user so and so. --digsig James A. Donald 6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG 3wrXNiWT9aRDvMWloLpd/NtFYuHcd+HGPPfA0651 4zWd4wnG0VtmpEoNV8QUdENb764NqRurUpHZQG8nV
