[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: MUSE (Mail Ubiquitous Security Extensions) discussion starting
-----BEGIN PGP SIGNED MESSAGE-----
>
> Don Eastlake has written an internet-draft proposing to add signatures
> and encryption to the Internet mail-delivery system. The two big
> differences between his proposal and past proposals are:
>
> * They work at the "sendmail" level, not at the "mail reader"
> level. This doesn't give your mail complete end-to-end protection
> (unless you use "mail reader" encryption like S/MIME or PGP).
> But it's a lot easier to install and maintain; your sysadmin
> can do it for your whole site, instead of having to retrain
> every user.
>
One obvious problem with this is that since sendmail runs
at all times of day or night and since sendmail must have
the decryption keys, this means that the decryption keys may
be in the memory of a computer that may be unattended.
This scheme may be useful for its convenience, but many
users will only be willing to turst the computer with their keys
while there messages are actually being decrypted in their
presence.
Thus, many users will want to super encrypt with their own
personal keys.
Thus I believe that the above scheme should be implemented
for mail security between sites, but it should not be viewed
as a total solution.
- --
Paul Elliott Telephone: 1-713-781-4543
[email protected] Address: 3987 South Gessner #224
Houston Texas 77063
-----BEGIN PGP SIGNATURE-----
Version: 2.6.3
Charset: cp850
iQCVAgUBMV229/BUQYbUhJh5AQFrIgP/eejmxUvAiRtJQfkHyrIZflQ6tQBz1PuB
Oxl31K+xnIYmpgIJHb2M+flpeTlOE+6DyIf3ZTB3UMHRqT1v5VrVmDy0ByrukrjF
KRbJTLO2yuDadZKEGKrm+n1FAleCpwuoQJTem7S5XQQts6FCscqaII61HNBkSC0V
JkDwN8ouYsk=
=YUcS
-----END PGP SIGNATURE-----