On Mar 21, 2014, at 4:40 AM, Robin Wilton <[email protected]> wrote: > To pick the obvious nit... > > Even if an email goes from my browser to Google's servers over https, and > goes between Google's servers over https, I did not see a commitment to > encryption of the email when it is at rest, rather than in motion...
To reply with the obvious: It is IMPOSSIBLE to secure data at rest in the context of a webmail system: server control can always enable accessing of all documents when the user logs in to check their webmail. -- Nicholas Weaver it is a tale, told by an idiot, [email protected] full of sound and fury, 510-666-2903 .signifying nothing PGP: http://www1.icsi.berkeley.edu/~nweaver/data/nweaver_pub.asc
signature.asc
Description: Message signed with OpenPGP using GPGMail
_______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
