-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Lloyd Zusman Sent: January 17, 2005 9:54 AM To: [email protected] Subject: [courier-users] Feasibility of encrypting the mail spool.
I'm wondering how much work it would take to add the ability to optionally encrypt the Courier mail spool. [Mitch says:] I would think it'd be pretty major - you'd have to look up keys - do all the work - a number of API's would have to have params or information storage for the keys added, etc. Can I ask what the thinking behind this is? If you can't trust root, nothing is safe - root could always read the keys from a memory dump etc. If you can trust root, directory security should keep people safe... if you worry about media theft, consider an encrypted file system? If you don't trust the platform at all, then maybe you are trying to fix the wrong thing? Write a new mapi provider (or other) that resides on the client and does the work - or use PGP... at least this defers the encryption overhead to the client side... Iirc, at least one version of the web client Sam wrote allowed for GPG - which could be done on windows as well... Just a few musings Cheers m/ ------------------------------------------------------- The SF.Net email is sponsored by: Beat the post-holiday blues Get a FREE limited edition SourceForge.net t-shirt from ThinkGeek. It's fun and FREE -- well, almost....http://www.thinkgeek.com/sfshirt _______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
