Re: sending secure docs using imap??

From: Nick Austin (
Date: 07/27/03

Date: Sun, 27 Jul 2003 13:52:58 -0700

Hash: SHA1

On Thu, 17 Jul 2003 18:08:42 +0000, Dimitri Maziuk wrote:

> Johan Mellberg sez:
>> "DukeNM" <> wrote in message
> The advantage here is that users only need to tell their mail client to
> accept server certificate. They don't have to buy/install PGP etc.

While I do agree that it is easier to just go with an encrypted transport
for receiving mail, I also think that in reality it does not buy you very
much extra security.

If these documents are truly sensitive, then you need to use some form of
end to end encryption. If you fail to employ a solution that encrypts the
document before you send it, then you have a plain text version of the
document sitting in the spool on the mail server, and in the received mail
folders on your mail client.

Also, a solution that relies on transport layer encryption suffers from the
fact that man in the middle attacks can be used by an advisory that has
the ability to intercept the protocol and change it (if the end user does
not pay attention to the warnings that there mail client may generate)

Good Luck
Version: GnuPG v1.0.7 (GNU/Linux)


Relevant Pages

  • Re: Firewall and Encryption
    ... I would like to know how far Win XP's encryption is ... Is it 100% safe? ... If it is 100% safe could I encrypt my Outlook ... is still not the most secure mail client. ...
  • Re: Posts with attachments
    ... Mozilla's embedded mail client in case I NEED to send feedback to some ... gpg client at the saved message to decrypt or authenticate it later. ... Speaking of gpg & pine however, I don't think pine directly supports ... (which is to me much more important than "encryption" for mail) ...
  • Re: Wi-Fi question
    ... > Do you use a mail client on the public Wi-Fi? ... >> access point (with no encryption), people can sniff data when being ...
  • Re: Entourage stalls on sending - receiving OK
    ... Receiving mail is no problem - just sending. ... > Happily there is a mail client that they can access to send things out as a ... network had a block on port 25. ... MVPs are not MS employees - Les MVP ne travaillent pas pour MS ...