On Wed, Jul 30, 2008 at 03:14:50PM +0200, Svein Halvor Halvorsen wrote:
> Andrew Gould wrote:
> > If I start with Subject line with the word "secure" using my work's email
> > system, the email is sent to a secure, web based application where the
> > recipients can view the message securely.  The recipients receive a message
> > that a secure email message is waiting for them there.  They have to create
> > an account based upon their email address to view the message.  They do not
> > have to recreate the accounts for future messages.
> > 
> > This system is easy to use; and we don't have to worry about whether the
> > recipients have PGP or GPG.  Is there an open source application that does
> > this?
> How is this secure? Ok, I can see that if the message is served over
> https, then the network packages themselves cannot be sniffed
> easily. But as long as the recipient did not give you the key to
> use, then this is not secure. Why should the recipient trust the server?
> Whether there is an open source solution, I don't know however.

It depends on your definition of "secure" -- which can vary from one
circumstance to another.  If the emails in question are "company
property", there's no reason to consider access to the emails by company
officials a breach of security.  On the other hand, if sensitive company
information is sniffed in plain text on the network, that could be

From the sound of it, the circumstances the OP described refer to such a
situation -- one where strict person-to-person privacy isn't a necessary
goal of relevant security concerns.

Chad Perrin [ content licensed PDL: http://pdl.apotheon.org ]
Scott McNealy: "Microsoft is now talking about the digital nervous
system.  I guess I would be nervous if my system was built on their
technology too."

Attachment: pgpjFykVt5cPR.pgp
Description: PGP signature

Reply via email to