On Fri, 21 Mar 2014 16:12:10 -0700 (PDT) Joe wrote: JSS> As to protection for incoming messages, if both sides have an S/MIME JSS> compatible email user agent, it would certainly seem as if they should JSS> be able to encrypt outgoing email, at least once they've exchanged keys JSS> via an initial signed email, no?
Even if both sides don't do S/MIME, if a webmail provider allowed users to upload their public key and then used that key to encrypt anything that wasn't already encrypted on arrival, then the data is always protected at rest. Robert -- Senior Software Engineer @ Parsons
signature.asc
Description: PGP signature
_______________________________________________ perpass mailing list [email protected] https://www.ietf.org/mailman/listinfo/perpass
