* Sandy Harris: > Recent news stories seem to me to make it obvious that anyone with privacy > concerns (i.e. more-or-less everyone) should be encrypting as much of their > communication as possible. Implementing opportunistic encryption is the > best way I know of to do that for the Internet. > > I'm somewhat out of touch, though, so I do not know to what extent people > are using it now. That is my question here.
It seems to me opportunistic encryption has moved to the application layer, at least as far as Internet mail is concerned. Many MTAs use TLS automatically with whatever certificates they can get. Of course, this only guards against active attacks, but it seems to me that this is a reasonable threat model. At least it's like to hide your important GnuPG-encrypted messages from the casual traffic analyst. 8-> > and that both of FreeS/WAN's successor projects (openswan.org and > strongswan.org) mention it in their docs. However, I don't know if it > actually being used. Didn't Openswan announce that opportunistic encryption is deprecated? My impression was that, according to its creators, Freeswan was mainly about OE, but people used it as a regular IPsec implementation on Linux. Openswan tried to bridge that gap, even while the Freeswan project itself was still active. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]