"R. A. Hettinga" wrote:

> PGP Corp has taken a slightly different tack, adapting its software so that it can 
> be loaded onto x86 servers to create an email encryption appliance. These proxy 
> servers live between an email server and client machine or in an enterprise's DMZ; 
> they are responsible for generating encryption keys and managing the encryption and 
> digital signing of email, according to enterprise security policies. The appliances 
> can be clustered for higher availability.

For the record, AFAIK, this approach was invented and
deployed by Dr. Ian Brown as his undergraduate thesis,
back in 1996 or so.  His Enigma used the now ancient
Cryptix 2.6 PGP code.  I used it for a long time, as
my personal proxy, until the newer PGP 4 formats started
to dominate.

It's a good approach.  It trades some sysadmin complexity
for the key admin complexity, but it also raises some
interesting challenges for deciding when to encrypt,
when not to encrypt, and also, when to block outgoing
mail that should be encrypted...

(I commend the PGP Inc company for being careful with
their marketing spiel!)


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to