-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

When we looked, at work, at the mechanisms by which sensitive e-mail was
leaked, we found that the biggest problem was misdirection of e-mail, not
eavesdropping.

To secure against this worst problem, we found that PGP had an advantage
over S/MIME, because S/MIME calls for the transmission of a certificate
chain with any signed message while PGP called for certificates to be in
the local keyring before you received a message.

The problem is that there are too many people in the world to allow name
comparisons to mean anything. So, the only security comes from whether
there is a certificate available or not. As long as the only certificates
you have on hand are:

1. verified personally by hand (not by some CA)
2. only for those you know personally

you have a chance of security. If, instead, you accept incoming
certificates, you are accepting certificates from the attacker, chosen by
the attacker to fool you into acting some way you shouldn't (like send
back some classified document). If you encrypt either in reply to an
incoming message or via a certificate found from some server, then you
will be encrypting but sending the mail to an improperly selected/verified
party.

It turns out you can do even better if you label personally held
certificates (that you've verified personally) by project or group, so
that you can mark some e-mail as being intended for a particular interest
group, not for just any of the people whose certificates you happen to
hold.

It would also be very good if the e-mail agent would have PGP support
built in alongside S/MIME, since PGP users outnumber S/MIME users.

 - Carl

- --
+------------------------------------------------------------------+
|Carl M. Ellison    [EMAIL PROTECTED]    http://world.std.com/~cme |
|        PGP: 08FF BA05 599B 49D2  23C6 6FFD 36BA D342             |
+--Officer, officer, arrest that man. He's whistling a dirty song.-+

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8

iQA/AwUBO+FpDnPxfjyW5ytxEQJtxgCg0gXWdbIjg6Lh8ee6ljH+FPsoTtkAoM2I
71F387pxU6fd8rKDdHvQ8ld4
=/GiC
-----END PGP SIGNATURE-----
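The key-selection policy the message argues for (encrypt only to keys that sit in the local keyring after personal verification, label those keys by project or group, and never let a certificate that arrived with a message or came from a server choose the recipient) can be written down as a small piece of mail-agent logic. The following is an added example in Python; it is not code from the original message or from any PGP or S/MIME implementation. The keyring, the names, the fingerprints and the fields of the incoming message are all constructed for illustration.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class VerifiedKey:
    """A key the user checked by hand (fingerprint compared in person, etc.)."""
    fingerprint: str   # what was actually verified; the name is only a hint
    name: str          # display name as the user wrote it into the keyring
    groups: frozenset  # project / interest-group labels for this key


class KeySelectionError(Exception):
    """Raised instead of silently picking a key the policy does not allow."""


class LocalKeyring:
    """Only keys added here, after personal verification, can be encrypted to."""

    def __init__(self, keys):
        self._keys = {k.fingerprint: k for k in keys}

    def is_verified(self, fingerprint):
        return fingerprint in self._keys

    def select(self, name, group):
        """Return the one verified key for `name` that is labelled for `group`.

        Certificates carried by an incoming message or fetched from a server
        are deliberately not an input here: whoever sent them chose them, and
        that may be the attacker. A name is only meaningful within this small,
        hand-verified ring, so matching on it is acceptable only here.
        """
        by_name = [k for k in self._keys.values() if k.name == name]
        if not by_name:
            raise KeySelectionError(
                f"no personally verified key for {name!r}; refusing to fetch one")
        in_group = [k for k in by_name if group in k.groups]
        if not in_group:
            raise KeySelectionError(
                f"verified key(s) for {name!r} are not labelled for {group!r}")
        if len(in_group) > 1:
            # Two verified people with the same display name: do not guess.
            raise KeySelectionError(
                f"{len(in_group)} verified keys named {name!r} in {group!r}; "
                "choose by fingerprint")
        return in_group[0]


def try_select(ring, name, group):
    """Convenience wrapper: (key, None) on success, (None, reason) on refusal."""
    try:
        return ring.select(name, group), None
    except KeySelectionError as exc:
        return None, str(exc)


def key_for_reply(ring, incoming, group):
    """Choose the key for an encrypted reply to `incoming`.

    `incoming` is a constructed dict: {"from_name": ..., "attached_fingerprint": ...}.
    The attached certificate is never used to pick the recipient. It is only
    compared against the key we already trust, so a mismatch (the misdirection
    case the message describes) can be surfaced to the user.
    """
    key = ring.select(incoming["from_name"], group)
    attached = incoming.get("attached_fingerprint")
    attached_mismatch = attached is not None and attached != key.fingerprint
    return key, attached_mismatch


# Constructed example keyring; fingerprints are placeholders, not real keys.
EXAMPLE_RING = LocalKeyring([
    VerifiedKey("A1A1A1A1", "Alice Example", frozenset({"project-x"})),
    VerifiedKey("B2B2B2B2", "Bob Example", frozenset({"project-y"})),
])

if __name__ == "__main__":
    # Reply to a message that claims to be from Alice but carries a cert
    # we never verified: the reply still goes to the verified Alice key,
    # and the mismatch is flagged rather than trusted.
    spoofed = {"from_name": "Alice Example", "attached_fingerprint": "MALLORY1"}
    key, mismatch = key_for_reply(EXAMPLE_RING, spoofed, "project-x")
    print(key.fingerprint, "attached cert mismatch:", mismatch)
    # A project-x document cannot be sent to Bob, who is verified but
    # only labelled for project-y.
    print(try_select(EXAMPLE_RING, "Bob Example", "project-x"))
```

The two refusals are the whole point: a missing or wrongly labelled key is an error the user has to resolve by hand, not a prompt to go and fetch a certificate, because every automatic fallback reintroduces the attacker-chosen certificate the message warns about.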
