> ----------
> From: Tyler Durden[SMTP:[EMAIL PROTECTED]]
> Sent: Monday, November 04, 2002 10:13 AM
> To: [EMAIL PROTECTED]
> Subject: RE: What email encryption is actually in use?
>
> The ever-though-provoking Peter Trei wrote...
>
> "A great deal of highly sensitive internal
> email flows over these links, with the encryption totally transparent
> to the end-users."
>
> This is an interesting issue...how much information can be gleaned from
> encrypted "payloads"? Is it possible for a switch or whatever that has
> visibility up to layers 4/5/6 to determine (at least) what type of file is
>
> being sent? Can it determine at what layer encryption was performed?
> (These
> may be obvious to many of you, but I can only claim expertise in layers
> 0/1,
> and pieces of 2. Ok, I have a working knowledge of 3.) It may be possible
> for hardware that examines large numbers of communiques to pre-determine
> that much is of no interest.
>
>
Most the ones I've seen are IPSEC over IPv4. You might be able to glean
some info from packet size, timing, and ordering, but not much. IPSEC
takes a plaintext IP packet and treats the whole thing as a data block
to be encrypted.
