----- Original Message ----- From: <[EMAIL PROTECTED]> To: <[email protected]> Sent: Tuesday, May 18, 2004 4:17 PM Subject: Re: [brlug-general] to sign or not to
> "Dustin Puryear" <[EMAIL PROTECTED]> writes: > > > This is a good question. I am in a situation now where I need to have > > certain emails encrypted, but it's hard to find a way to support all > > recipients. Most people don't like being told to install XYZ (e.g., PGP) > > just to support one company. > > The counter argument is that there is no such thing as automatic built-in > encryption for email. ie. it's necessarily an add-on with GPG/PGP being > a popular and relatively inexpensive solution. And that is a valid argument. However, it's also true that the IT departments for most companies will be resistant to installing software for the benefit of a single company. Speaking on a related issue, a problem I have with PGP is the inability to have a central skeleton key, ala S/MIME with Exchange, which I think offers that ability. > A possible workaround for your case is a password protected https > site. send links to the recipients so authorized users can access the > protected information in a (more) secure fashion. Yes, but if the email is intercepted then the supposedly protected file can be downloaded. No net gain here. Okay, so what about authenticating the user first? Great. Just email them their key and.. oh wait. How do I protect the key in the email? Encrypt the email of course. So I just.. wait, I'm getting dizzy. Okay, the above is half a joke, but half the truth. What we are thinking of doing now is using a Web-based download and mailing keys off using CDs. --- Puryear Information Technology, LLC Baton Rouge, LA 225-343-3056 http://www.puryear-it.com Author of "Best Practices for Managing Linux and UNIX Servers" Download your free copy: http://www.puryear-it.com/bestpractices_ebook.htm
