"If you DON'T use encryption, you help the terrorists win"

Eugen Leitl eugen at leitl.org
Wed Oct 29 09:57:51 PST 2003


On Wed, Oct 29, 2003 at 11:28:08AM -0500, Sunder wrote:
> The biggest hurdle and the thing that will have the most effect is to have
> every MTA out there turn on Start TLS.  It won't provide a big enhancement

For the record: it's unreasonably difficult (for a pedestrian
sysadmin such as me) to set up StartTLS. Debian unstable ships
with postfix-tls (albeit not installed as default), but
apt-get install postfix-tls doesn't take care of the self-signed
cert generation, and setting up /etc/postfix/main.cf for StartTLS
support.

It would be a most cypherpunkly undertaking to get that package to do that.
(I have no idea how Debian packages work, unfortunately).

> in terms of security at the ISP level, but it will blind the global
> content search engines everywhere.  Except, of course, at those ISPs
> already infected by Carnivore boxes - which at least aren't allowed by law
> to capture all traffic, but I wouldn't put money that they'd follow it.
>
> So the first course of action is to convince MTA authors everywhere to
> enable and turn this on.  Later, they could drop support for non-TLS
> traffic.  It could also help against spamming somehow, as it will cost the
> spammer a few more CPU cycles. (But this will be a very weak deterrent
> against spam.)

-- Eugen* Leitl <a href="http://leitl.org">leitl</a>
______________________________________________________________
ICBM: 48.07078, 11.61144 http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

[demime 0.97c removed an attachment of type application/pgp-signature]




