"R. A. Hettinga" wrote: > PGP Corp has taken a slightly different tack, adapting its software so that it can > be loaded onto x86 servers to create an email encryption appliance. These proxy > servers live between an email server and client machine or in an enterprise's DMZ; > they are responsible for generating encryption keys and managing the encryption and > digital signing of email, according to enterprise security policies. The appliances > can be clustered for higher availability.
For the record, AFAIK, this approach was invented and deployed by Dr. Ian Brown as his undergraduate thesis, back in 1996 or so. His Enigma used the now ancient Cryptix 2.6 PGP code. I used it for a long time, as my personal proxy, until the newer PGP 4 formats started to dominate. It's a good approach. It trades some sysadmin complexity for the key admin complexity, but it also raises some interesting challenges for deciding when to encrypt, when not to encrypt, and also, when to block outgoing mail that should be encrypted... (I commend the PGP Inc company for being careful with their marketing spiel!) iang --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
