-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
> PGP and S/MIME are both unable to protect meta-data against an attacker with > intercept capability. > > STARTTLS is unable to protect content against attack by a corrupt system > administrator. > > To have comprehensive security we need both the End 2 End security to protect > the data at rest > and the transport layer security to protect the metadata in motion. Well, yes, of course. But we also have to start somewhere. STARTTLS is reasonably easy to deploy, and many mail services are either already deploying it or are in the process of deploying it. The channel protection with STARTTLS will not protect against compromised servers, and will not prevent providers to comply with national security letters and other subpoenas. But it will prevent the bulk collection of message headers by tapping links, and that's a very good first step. - -- Christian Huitema -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.20 (MingW32) Comment: Using gpg4o v3.2.34.4474 - http://www.gpg4o.de/ Charset: utf-8 iQEcBAEBAgAGBQJS2Mw2AAoJELba05IUOHVQdHwH/RSjp+nR91GMvR9pOOh+axwg Nyaw7EN6EXjsNyY22Ai2Zg993kBCdva4GXiIbmbTJjdpdjO76KLYJWQli7V78+Et ZvrHHVedv0HAU9VthpYcKhfFcbNjnxy8pDWvFOF/UszQUXFk8QB8bZLLndHXBEEP HggaKjVVda5/jCq/jMRIDVk8HyToIUwJaeWysv/U56T56rYiMkXOhnaRQXVYJJ1F SS1tq29M0LKi7+copWNZjBO7keIfnbESs3k3Fc8GPJSW3F8+WoPZlbXGF4SAZFdw bhtNQ8PKjAqMOmnoyP/NC0SZZY/Ck0vP40SV891AeTMwY3g6now2YXUzob6poRw= =doiO -----END PGP SIGNATURE----- _______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
