On Wed, 11 Sep 2002, Carles Xavier Munyoz [iso-8859-1] Bald� wrote: > Ok, but when the email is delivered to the user mailbox or to the MTA > queue it is in plain text, isn't it ?
Some of those are also crypted. End to end PGP has a number of usability issues which make it "geek chic" now and not easy for joe average luser. > > At some point, I (and lots of other admins) will start refusing > > unencrypted sessions. I've already switched off ALL unencrypted POP3, > > IMAP, FTP and terminal(telnet) sessions and am working on NNTPS next. > > Yes, I agree, but this point is still far :-) I disagree. When SMTP AUTH was first released, I predicted that it wouldn't become widely used until 2005. It's already at high usage levels, so is TLS. The main holdup on TLS usage is that most admins don't enable it for _outbound_ mail server-server transfers. It's trivial to do this with sendmail and postfix and it doesn't have to be kept restricted to MUA-MTA sessions. The _main_ problem with PGP and GPG has been the patent and copyright issues, with the current owners refusing to develop things any further or opensource what's available. That leads to major legal issues if used in the major mail packages which I can understand most authors wanting to avoid. AB
