On Tue, Jun 11, 2002 at 09:28:21PM +0200, Brandon Friedman <[EMAIL PROTECTED]>
wrote:
> I have been testing pgp with my e-mail client, and it seems to work
> quite nicely.
>
> Is possible to add pgp on the server-side, as oppose to having to load
> it on each client?
It's not possible because of the way PGP is organized. PGP relies on
the keyholder keeping the private keys and their passphrase private;
to put PGP on the server means that the keyholder would have to trust
the server administrator not to abuse the key and passphrase.
Since the *recipient* has to trust the provenance of the key, that
means the recipient would *also* have to trust the server
administrator not to abuse the key and password, and so forth.
That's why PGP is best implemented on the client.
-Rich
--
------------------------------ Rich Lafferty ---------------------------
Systems Administrator/Support Engineer, Network Server Solutions Group
Mitel Networks, Ottawa, ON +1 613 592 2122 (x2513)
---------------------------- [EMAIL PROTECTED] ------------------------
--
Please report bugs to [EMAIL PROTECTED]
Please mail [EMAIL PROTECTED] (only) to discuss security issues
Support for registered customers and partners to [EMAIL PROTECTED]
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Archives by mail and http://www.mail-archive.com/devinfo%40lists.e-smith.org
