"David Howe" <[EMAIL PROTECTED]> writes:

>at Tuesday, October 01, 2002 3:08 AM, Peter Gutmann
><[EMAIL PROTECTED]> was seen to say:
>>For encryption, STARTTLS, which protects more mail than all other
>>email encryption technology combined. See
>>http://www.cs.auckland.ac.nz/~pgut001/pubs/usenix02_slides.pdf
>>(towards the back).
>I would dispute that - not that it isn't used and useful, but unless you are
>handing off directly to the "home" machine of the end user (or his direct
>spool) odds are good that the packet will be sent unencrypted somewhere along
>its journey. With TLS you are basically protecting a single link of a
>transmission chain, with no control over the rest of the chain.

As opposed to more conventional encryption, where you're protecting nothing at any point along the chain, because 99.99% of the user base can't/won't use it. In any case most email is point-to-point, which means you are protecting the entire chain (that is, if I send you mail it may go through a few internal machines here or there, but once it hits the WAN it's straight from my gateway to yours).

Peter.
