On Fri, Mar 21, 2014 at 8:27 AM, Ted Lemon <[email protected]> wrote: > On Mar 21, 2014, at 7:40 AM, Robin Wilton <[email protected]> wrote: > > Even if an email goes from my browser to Google's servers over https, > and goes between Google's servers over https, I did not see a commitment to > encryption of the email when it is at rest, rather than in motion... > > Best is the enemy of good enough. To compromise your mail on the server, > they have to compromise the server. To compromise it in flight, they just > have to tap the network. >
Mail on the server is precisely what PRISM went after. <http://en.wikipedia.org/wiki/PRISM_(surveillance_program)> Which would you rather do, dig up a sub-sea cable, or tap a server admin on the shoulder? --Richard > > _______________________________________________ > perpass mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/perpass >
_______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
