What email encryption is actually in use?
Lucky Green
shamrock at cypherpunks.to
Wed Oct 2 15:39:32 PDT 2002
Ben wrote:
> Lucky Green wrote:
> > I also agree that current MTAs' implementations of STARTTLS
> are only a
> > first step. At least in postfix, the only MTA with which I am
> > sufficiently familiar to form an opinion, it appears impossible to
> > require that certs presented by trusted parties match a particular
> > hash while certs presented by untrusted MTAs can present any
> > certificate they desire to achieve EDH-level security.
>
> This is probably a stupid question, but... why would you want
> to do this?
To protect against MIM attacks on the encrypted tunnel between the trust
domains represented by my friend's MTA and my MTA.
--Lucky Green
More information about the cypherpunks-legacy
mailing list