On Wed, Jul 30, 2008 at 03:14:50PM +0200, Svein Halvor Halvorsen wrote: > Andrew Gould wrote: > > If I start with Subject line with the word "secure" using my work's email > > system, the email is sent to a secure, web based application where the > > recipients can view the message securely. The recipients receive a message > > that a secure email message is waiting for them there. They have to create > > an account based upon their email address to view the message. They do not > > have to recreate the accounts for future messages. > > > > This system is easy to use; and we don't have to worry about whether the > > recipients have PGP or GPG. Is there an open source application that does > > this? > > How is this secure? Ok, I can see that if the message is served over > https, then the network packages themselves cannot be sniffed > easily. But as long as the recipient did not give you the key to > use, then this is not secure. Why should the recipient trust the server? > > Whether there is an open source solution, I don't know however.
It depends on your definition of "secure" -- which can vary from one circumstance to another. If the emails in question are "company property", there's no reason to consider access to the emails by company officials a breach of security. On the other hand, if sensitive company information is sniffed in plain text on the network, that could be disastrous. From the sound of it, the circumstances the OP described refer to such a situation -- one where strict person-to-person privacy isn't a necessary goal of relevant security concerns. -- Chad Perrin [ content licensed PDL: http://pdl.apotheon.org ] Scott McNealy: "Microsoft is now talking about the digital nervous system. I guess I would be nervous if my system was built on their technology too."
Description: PGP signature