Path: utzoo!attcan!uunet!lll-winken!lll-lcc!ames!mailrus!umix!b-tech!zeeff
From: zeeff@b-tech.UUCP (Jon Zeeff)
Newsgroups: comp.mail.elm
Subject: Re: Whatever happened to "Elm - the MAILER" ??
Keywords: RFC822 Encryption
Message-ID: <4599@b-tech.UUCP>
Date: 7 Jul 88 13:44:43 GMT
References: <470@altnet.ALTOS.COM> <278@clout.Jhereg.MN.ORG> <485@altnet.ALTOS.COM> <10291@ncc.Nexus.CA> <1060@datapg.DataPg.MN.ORG> <520@a <23@n0atp.UUCP> <10305@ncc.Nexus.CA> <560@altnet.ALTOS.COM>
Reply-To: zeeff@b-tech.UUCP (Jon Zeeff)
Organization: Branch Technology Ann Arbor, MI
Lines: 38

In article <560@altnet.ALTOS.COM> edc@altnet.UUCP (Eric Christensen) writes:

>programs for these nasty little tasks. I think we should provide one PD crypt
>with the Elm sources, so everyone who uses Elm will have access to the same
>routine, but they have the option of using their own if so desired.   
>
>RFC 822 deals with this issue, and as such I believe that we should do it in
>the same way. (We ARE trying to be fully RFC 822 compliant, are we not?)
>
>soon. As it is, the 2.0 release will just have the crypt stuff ifdefed out. But
>I would really like to agree on what to do with future releases. If we've got
>

I propose that the current encryption code in elm be pulled out and 
put into a separate program (mailcrypt?) that elm will invoke.  Do use 
the RFC 822 method of indicating encryption in the header.  This is 
backward compatible, doesn't need any ifdefs (elm could invoke 
mailcrypt automatically or you can use | mailcrypt) and is flexible 
(in case someone wants to use something like crypt and 
uuencode/uudecode).  Perhaps mailcrypt and crypt/uuencode should be 
registered rfc 822 encryption program names.  

I'd be really disappointed if I sent mail to someone who I knew used 
any version of elm and they replied that they couldn't decrypt my 
mail.  The mailcrypt program could be distributed separately from elm 
and might become a standard.  Make it smart enough to encrypt/decrypt 
the whole message body if there are no [encode] statements; possibly 
make it smart enough to recognize lines that are/are not encoded.  
Just do a good enough job that MH, mailx, and MUSH users can use it.  

I assume that elm is using crypt(3c).  As far as everyone seems to know,
this is not easily breakable as crypt(1) is.  If someone does find a way to
break it, then all the unix passwords are in trouble.



-- 
Jon Zeeff           		Branch Technology,
uunet!umix!b-tech!zeeff  	zeeff%b-tech.uucp@umix.cc.umich.edu