Forwarded message: Subject: Email security user survey Date: Fri, 03 Jun 1994 13:22:32 -0700 From: John Gilmore <gnu@cygnus.com> Let's give Dana some data about PGP users. Please spread... John ------- Forwarded Message Subject: Request for info from Dana C. Ellingen Date: Fri, 03 Jun 94 09:33:50 -0400 From: Mark S Feldman <feldman@tis.com> - -----BEGIN PRIVACY-ENHANCED MESSAGE----- Proc-Type: 4,MIC-CLEAR Content-Domain: RFC822 Originator-ID-Asymmetric: MFMxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJNRDE kMCIGA1UEChMbVHJ1c3RlZCBJbmZvcm1hdGlvbiBTeXN0ZW1zMREwDwYDVQQLEwh HbGVud29vZA==,06 MIC-Info: RSA-MD5,RSA,UrO04KAws35IxkK3iROrfIsWLHc5CXq84Wu9fyJBEAc 4rwYiHlmfKYrc6j2FtIxqts+MT/KT4/De/Qr79Bdg4OW33TZ8umY4QqYmVJlWGvf 5y7686g8+EyTEyku15Pi8 Dana C. Ellingen <ellingen@netcom.com> is preparing a special issue of the Ferris E-Mail Analyzer on security in electronic mail, and would like to get your input. If any of you would like to respond to him, send him email or get in touch with him as follows: Dana C. Ellingen Electronic Commerce Consultant 415.726.9712 (telephone); 415.726.3093 (FAX); ellingen@netcom.com 410 Laurel Ave., Half Moon Bay, CA 94019-1674 Following are his questions. Mark  Note that all answers will be "not for attribution," and will be melded into the overall issue. Vendors, I would like the names of several happy users of your product, even if they have just chosen it and it is not yet installed. I am interested in why they chose to make this move now rather than later, as well as how happy they may be with your product. Questions for Email Security users, for Ferris E-Mail Analyzer: A - What form of security does your firm use for electronic mail and messaging? B - Given the state of turmoil in the industry, why did you choose to be an "early adopter," and to put security into your forms and messaging applications? Why now? C - What problems have you had, having added security? D - What compromises have you had to make to add security? E - Product support: Do you currently use (or are you considering) a commercial product for secure EM? Which one? Why? Are you happy with the support you are getting? F - Interoperability: Do you currently or do you want to exchange secure EM with people outside of your organization? How do you deal with the interoperability problem? G - International: Do you have overseas offices, or do you exchange secure EM with persons outside of the US? Are you concerned about having to cut back on your security to do this? H - Certificates: Do you issue certificates to your users? I - Certificates: If someone else issues certificates, how do establish trust with that organization? J - Certificates: How do you verify the authenticity of a digital signature on a document that you receive? K - Policy: Does your firm have a written policy on electronic mail? Can your firm read its employees' EM? L - Escrowed keys: Do you keep copies of the private keys of the individuals in your firm? Do you think that you should, or that you have the right to do so? M - Integration: How important is it that you have a product that is fully integrated with your existing mail system? N - What did I leave out? What else do you want to discuss? - -----END PRIVACY-ENHANCED MESSAGE----- ------- End of Forwarded Message