RE: Encrypted emails

• Previous message: Steve: "Re: Telling prospective wi-fi customers they are open to hacking"
• In reply to: John Madden: "Encrypted emails"
• Next in thread: Derek Nash: "Re: Encrypted emails"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: "'John Madden'" <chiwawa999@yahoo.com>
Date: Fri, 11 Mar 2005 10:45:03 +1100

Hi John,

If you're concerned with key exchange and employee learning difficulties,
then a PGP product called PGP Universal might be a good solution for you.

The keyserver sits 'next' to the mail server and takes care of the key
management and encryption/decryption of emails - it occurs transparent to
the user, and you only need to update one central location with new public
keys and it will look after the distribution. It can also do some pretty
cool things with SSL collection of emails for external users who don't have
access to PGP.

If you're after some more info, email me and I can give you a more detailed
rundown or point you in the direction of the right people to talk to (I'm
not a vendor ;-)

Cheers,
Craig.

-----Original Message-----
From: John Madden [mailto:chiwawa999@yahoo.com]
Sent: Thursday, 10 March 2005 8:30 AM
To: security-basics@securityfocus.com
Subject: Encrypted emails

Hi,

Looking at the potential deployment and solutions for encrypted emails i had
a few questions.

What do large organization do to ensure that email are securely transfered
with a partner/customer for sensitive data ?

Using public/private keys seems like a whole lot of problems...

- How do you exchange keys ? Manually ? This might be ok for a couple of
recipient but can you imagine hundreds/thousunds at different companies...

- PKI, having to deal with the infrastructure could be a nightmare.

- Employees learning curve....

Are companies using an encryption software that will encrypt the
messages/attachments and transmit the password to decrypt by phone ?

I would like your comments/suggestions.

Thanks

John

        
                
__________________________________
Celebrate Yahoo!'s 10th Birthday!
Yahoo! Netrospective: 100 Moments of the Web
http://birthday.yahoo.com/netrospective/

• Previous message: Steve: "Re: Telling prospective wi-fi customers they are open to hacking"
• In reply to: John Madden: "Encrypted emails"
• Next in thread: Derek Nash: "Re: Encrypted emails"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: newbie question ... reverse-engineerable form, much like PGP. ... if your email vendor decides to turn over your emails to any ... keys / data stores in hidden truecrypt volumes to add another layer. ... The NSA has designated Norwich University a center of Academic Excellence in Information Security. ... (Security-Basics) Re: Checking a foolproof algorithm. ... > We have the same interest in encryption/decryption and programming. ... > I send my friend the encrypted message along with the 2 prefixed keys. ... > then attempts to write a decryption program to break the coded message ... your keys known to your attacker but not the algorithm... ... (sci.crypt) Re: Old VPC updates posted ... I have posted my PGP keys and created detached signatures for all the ... the signatures have downloaded with the .SIG extension ... (microsoft.public.mac.virtualpc) Re: Hack PGP on xasamail.com ... > couldn't be copied by the backup system. ... > left with a few PGP files without any keys. ... > around on the net and I have the password to the secret file but ... (Security-Basics) Re: Confidentiality of email ... you seem to have difficulty reading. ... "To the OP I would suggest looking at PGP or SMIME if you need to send ... sendmail or a derivative) you could go with an email gateway to email ... How to exchange keys. ... (microsoft.public.security)