Lexar Secure Jumpdrives

[Brian Densmore]

> -----Original Message-----
> From: Jason Clinton
> 
> 
> On Tuesday 14 December 2004 11:14, Brian Kelsay wrote:
> > That, my friend, was an awesome post.  This may sound like 
> a simple thing
...
> 
> *chuckle* Thanks for the compliment! I'll add that to my list of 
> awesome-projects-I'll-get-to-someday-soon. ;)
I second Brian's statement.
I would only add one thing to that idea. I would make the script the
default mount command and pass thru the mount command to the
real mount command unless it was one of the "encrypted devices".
Ok two things, I would also add an option to require a password or
passphrase rather than just a public/private key scheme.

> 
> ... easy to _not_ forget. Losing your private key is a very nasty 
> proposition -- 
> publishing revocation certificates is _not_ a fun thing.
> 
Why is that? I would think you would want to do this every so often,
to ensure a bit more security. Especially since it's relatively easy now
to build a really powerful mainframe cheaply, that can do nothing but crack 
private/public keys. Not to mention the fact that the encryption techniques
we thought were so secure turn out to have problems too.

When is there going to be another key signing event?