"If you DON'T use encryption, you help the terrorists win"
Eugen Leitl
eugen at leitl.org
Wed Oct 29 09:57:51 PST 2003
On Wed, Oct 29, 2003 at 11:28:08AM -0500, Sunder wrote:
> The biggest hurdle and the thing that will have the most effect is to have
> every MTA out there turn on Start TLS. It won't provide a big enhancement
For the record: it's unreasonably difficult (for a pedestrian
sysadmin such as me) to set up StartTLS. Debian unstable ships
with postfix-tls (albeit not installed as default), but
apt-get install postfix-tls
doesn't take care of the self-signed cert generation, and setting up
/etc/postfix/main.cf for StartTLS support.
It would be a most cypherpunkly undertaking to get that package to do that.
(I have no idea how Debian packages work, unfortunately).
> in terms of security at the ISP level, but it will blind the global
> content search engines everywhere. Except, of course, at those ISPs
> already infected by carnivore boxes - which at least aren't allowed by law
> to capture all traffic, but I wouldn't put money that they'd follow it.
>
> So the first course of action is to convince MTA authors everywhere to
> enable and turn this on. Later, they could drop support for non-TLS
> traffic. It could also help against spamming somehow, as it will cost the
> spammer a few more CPU cycles. (But this will be a very weak deterrent
> against spam.)
-- Eugen* Leitl <a href="http://leitl.org">leitl</a>
______________________________________________________________
ICBM: 48.07078, 11.61144 http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
[demime 0.97c removed an attachment of type application/pgp-signature]
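The two steps the message says the package leaves out (self-signed certificate generation and the main.cf settings for StartTLS), as an added example that is not part of the original post or of the Debian package. The hostname, output directory and file names are assumptions, and the parameter names are those of current Postfix releases, not the 2003 postfix-tls patch.

```shell
#!/bin/sh
# Added example (not from the original post). Writes only under OUTDIR;
# merge the generated fragment into /etc/postfix/main.cf by hand.

# make_postfix_tls HOST OUTDIR [DAYS]
#   HOST   - mail server name placed in the certificate CN (assumed value)
#   OUTDIR - absolute directory for key, certificate and fragment (assumed)
make_postfix_tls() {
    host=$1; outdir=$2; days=${3:-365}
    if [ -z "$host" ] || [ -z "$outdir" ]; then
        echo "usage: make_postfix_tls HOST OUTDIR [DAYS]" >&2
        return 2
    fi
    mkdir -p "$outdir" || return 1
    key="$outdir/$host.key"
    crt="$outdir/$host.crt"

    # Create the key under a restrictive umask so it is never world-readable,
    # not even briefly. -nodes leaves it unencrypted so Postfix can load it.
    ( umask 077
      openssl req -x509 -newkey rsa:2048 -nodes -sha256 \
          -days "$days" -subj "/CN=$host" \
          -keyout "$key" -out "$crt" >/dev/null 2>&1 ) || return 1
    chmod 600 "$key" && chmod 644 "$crt" || return 1

    # "may" = opportunistic TLS: offer and use STARTTLS when the peer supports
    # it, fall back to plaintext otherwise. With a self-signed certificate this
    # defeats passive capture only; it does not authenticate the server.
    cat > "$outdir/main.cf.tls" <<EOF
# Inbound: advertise STARTTLS to connecting clients
smtpd_tls_cert_file = $crt
smtpd_tls_key_file = $key
smtpd_tls_security_level = may
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
# Outbound: use STARTTLS when the remote MTA offers it
smtp_tls_security_level = may
smtp_tls_loglevel = 1
EOF
}

# Stand-alone use: sh this-script mail.example.test /etc/postfix/tls
if [ "$#" -ge 2 ]; then
    make_postfix_tls "$@"
fi
```

After merging the fragment and reloading Postfix, `openssl s_client -starttls smtp -connect HOST:25` shows whether the server now offers the certificate.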