Email security user survey (fwd)

Stanton McCandlish mech at eff.org
Tue Jun 7 18:25:41 PDT 1994


Forwarded message:
Subject: Email security user survey
Date: Fri, 03 Jun 1994 13:22:32 -0700
From: John Gilmore <gnu at cygnus.com>

Let's give Dana some data about PGP users.  Please spread...

	John

------- Forwarded Message

Subject: Request for info from Dana C. Ellingen
Date: Fri, 03 Jun 94 09:33:50 -0400
From: Mark S Feldman <feldman at tis.com>

- -----BEGIN PRIVACY-ENHANCED MESSAGE-----
Proc-Type: 4,MIC-CLEAR
Content-Domain: RFC822
Originator-ID-Asymmetric: MFMxCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJNRDE
 kMCIGA1UEChMbVHJ1c3RlZCBJbmZvcm1hdGlvbiBTeXN0ZW1zMREwDwYDVQQLEwh
 HbGVud29vZA==,06
MIC-Info: RSA-MD5,RSA,UrO04KAws35IxkK3iROrfIsWLHc5CXq84Wu9fyJBEAc
 4rwYiHlmfKYrc6j2FtIxqts+MT/KT4/De/Qr79Bdg4OW33TZ8umY4QqYmVJlWGvf
 5y7686g8+EyTEyku15Pi8


Dana C. Ellingen <ellingen at netcom.com> is preparing a special issue of
the Ferris E-Mail Analyzer on security in electronic mail, and would
like to get your input.  If any of you would like to respond to him,
send him email or get in touch with him as follows:

  Dana C. Ellingen                   Electronic Commerce Consultant
  415.726.9712 (telephone); 415.726.3093 (FAX); ellingen at netcom.com
  410 Laurel Ave., Half Moon Bay, CA  94019-1674

Following are his questions.

 Mark



Note that all answers will be "not for attribution," and will be
melded into the overall issue.

Vendors, I would like the names of several happy users of your
product, even if they have just chosen it and it is not yet installed.
I am interested in why they chose to make this move now rather than
later, as well as how happy they may be with your product.

Questions for Email Security users, for Ferris E-Mail Analyzer:

A - What form of security does your firm use for electronic mail and 
messaging?

B - Given the state of turmoil in the industry, why did you choose to be 
an "early adopter," and to put security into your forms and 
messaging applications?  Why now?

C - What problems have you had, having added security?

D - What compromises have you had to make to add security?

E - Product support:  Do you currently use (or are you considering) a 
commercial product for secure EM?  Which one?  Why?  
Are you happy with the support you are getting?

F - Interoperability:  Do you currently or do you want to exchange 
secure EM with people outside of your organization?  How do you 
deal with the interoperability problem?

G - International:  Do you have overseas offices, or do you exchange 
secure EM with persons outside of the US?  Are you concerned about 
having to cut back on your security to do this?

H - Certificates:  Do you issue certificates to your users?  

I - Certificates:  If someone else issues certificates, how do 
establish trust with that organization?

J - Certificates:  How do you verify the authenticity of a 
digital signature on a document that you receive?

K - Policy:  Does your firm have a written policy on electronic 
mail?  Can your firm read its employees' EM?  

L - Escrowed keys:  Do you keep copies of the private keys of the 
individuals in your firm?  Do you think that you should, or that 
you have the right to do so?

M - Integration:  How important is it that you have a product that is 
fully integrated with your existing mail system?

N - What did I leave out?  What else do you want to discuss?
- -----END PRIVACY-ENHANCED MESSAGE-----

------- End of Forwarded Message







More information about the cypherpunks-legacy mailing list