Re: Secure email solution

From: al (allen_at_somplace.com)
Date: 05/11/03 

Date: Sat, 10 May 2003 23:40:55 GMT

Hi Col,
By the way thanks for your reply.
I totally understand what you mean and I didn't say I want a solution
without using a public key.
What I mean is if it is possible for the transaction to be also manage or
watch by a third party Certificate of Authority rather than just me trusting
the receiver's public key, you know just like browsing an SSL webserver that
signed up to a CA that is trusted by your browser compared to browsing an
SSL webserver that just generated their own certificate and your browser
confirms if you want to trust the certificate.
Basically is there a PGP type of solution that uses a third party
Certificate of Authority?
Thanks again,
Al

"Colonel Flagg" <colonel_flagg@NOSOUPFORJ00internetwarzone.org> wrote in
message news:MPG.1926e8182d482147989990@news.charter.net...
> In article <ng7va.134$ag1.19041338@newssvr14.news.prodigy.com>,
> allen@somplace.com says...
> > Hi all,
> > I want to be able to encrypt email messages and attachments and make
sure
> > that only the corresponding recepient can decrypt it.
> > I was able to play with PGP and it works great but the public key needs
to
> > be given to the sender.
> > I am looking for a solution that is very close to PGP but using a
> > Certificate of Authority.
> > Thanks,
> > Al
> >
> >
> >
>
>
> so um, how might I ask, are you going to encrypt/decrypt securely
> without 1) passing public key/obtaining a CA or 2) securely passing the
> password to the recipient?
>
> it's a three step process no matter how you look at it...
>
> 1) obtain a public key or pass the recipient or the sender a password
> (securely)
>
> 2) encrypt the data
>
> 3) send/upload the data.
>
> yes, I know exactly what you're asking for... however, it won't work.
> how do you think this works? you just "magically" grab "something" out
> of the air and expect the recipient to know how to decrypt it?
>
> there's no magic pixie dust.
>
> /me waits on a smartass to try and show me a solution that works without
> a public key, passphrase or "something" that's already uploaded to a
> server. then I will commence to blow a hole right through the middle of
> their theory.
>
>
>
>
>
>
>
> --
> Colonel Flagg
> http://www.internetwarzone.org/
>
> Privacy at a click:
> http://www.cotse.net
>
> Wanna ask a question in Usenet?
> http://www.tuxedo.org/~esr/faqs/smart-questions.html
>
> Everything about Usenet answered:
> http://www.internetwarzone.org/answers.html
>
> America WILL NOT forget 9-11-01

Relevant Pages

  • Re: RSA Encrypt/Decrypt Problems
    ... CAPICOM is extremely easy to use in .NET. ... use CAPICOM, you really need the certificate, not just the public key. ... > then encrypt it with the other public key. ...
    (microsoft.public.dotnet.security)
  • Re: TLS-certificates and interoperability-issues sendmail / Exchange / postfix ..
    ... > to assert that certificate validation doesn't happen, ... this trusted public key store contains public keys of that the ... signed by the CA. this digital certificate is returned to the "key ...
    (comp.security.unix)
  • Re: how do you password protect an email???
    ... Get the x.509 digital certificate from your intended ... recipient (who must first send you a digitally signed message so you can ... get their public key), encrypt your message, send it, and the recipient ... and send the archive file as an attachment. ...
    (microsoft.public.outlook.general)
  • Re: Digital Signatures
    ... using a certificate for each recipient. ... certificate (public key) and the validation chain. ... Encryption and digital signing are most often used by corporations ...
    (microsoft.public.mac.office.entourage)
  • Re: Asymmetric Encryption Using Certificates
    ... Using MS SDK and MS Certificate Server, ... > Our next phase is to develop a system to encrypt some files in the ... > organization using the certificates public key and those with the ...
    (microsoft.public.platformsdk.security)