What email encryption is actually in use?

Vin McLellan vin at shore.net
Wed Oct 2 06:40:55 PDT 2002

I've always been intrigued by the volume of reports which indicate that 
when hackers or other outlaws raid a corporate site, the first thing they 
do is scan the stored email files of company executives.

Funny, with all the attention focused pushing the user to encrypt email for 
transmission, no one ever suggests that Admins should/could store all email 
on the local mail server in an encrypted format.

Am I wrong, does some mail server do this?  If not, anyone got any 
suggestions for an efficient design?


At 10/2/02, Lucky Green wrote:
>Peter wrote [about the benefits of STARTTLS]:
> > As opposed to more conventional encryption, where you're
> > protecting nothing at any point along the chain, because
> > 99.99% of the user base can't/won't use it. In any case most
> > email is point-to-point, which means you are protecting the
> > entire chain (that is, if I send you mail it may go through a
> > few internal machines here or there, but once it hits the WAN
> > it's straight from my gateway to yours).
>I must concur with Peter. The overwhelming majority of email recipients
>with whom I routinely exchange PGP encrypted email operates their own
>MTAs, located within their trust boundaries. Which should come as no
>surprise, since those with whom I discuss topics requiring secure
>communications tend to be conscious of security and thus like to be able
>to control the properties of their MTA and other network services.
>I also agree that current MTAs' implementations of STARTTLS are only a
>first step. At least in postfix, the only MTA with which I am
>sufficiently familiar to form an opinion, it appears impossible to
>require that certs presented by trusted parties match a particular hash
>while certs presented by untrusted MTAs can present any certificate they
>desire to achieve EDH-level security.
>I am aware that the certs presented by trusted parties could of course
>all be signed by the same CA, but this is an unworkable model in
>personal communications. What is required in practice is a list of
>trusted MTAs with corresponding hashes implemented at the MTA level.
>--Lucky Green

More information about the cypherpunks-legacy mailing list