At 03:33 PM 9/11/2002, Joseph S D Yao wrote: >On Wed, Sep 11, 2002 at 03:13:11PM +0200, Carles Xavier Munyoz Bald� wrote: >... > > What I'm trying to say since my first email is that for a totally > secure email > > communication, the only solution is peer to peer encryption based on > public > > key cryptograpy. > > Until the moment I have not seen any valid argument against my words. >... > >I think folks are agreeing - somewhat - at the top of their lungs.
To some extent. >For "totally" secure comms, one must have peer-to-peer encryption. >Right now, the accepted means seem to be PGP [not as hard as some >think] or X.509 certs. Or expensive hardware [;-)]. > >THIS DOES NOT MEAN that if you can't have the best, you settle for >nothing! Putting in encryption where you can is still better than >nothing! You just have to educate the users to let them know that >there are still windows for certain traffic [you don't have to >enumerate them], so that they don't go doing stupid things over the >public Internet. Not entirely where some folks are coming from. Using PGP to protect email content does nothing to protect the POP username and password being passed between the user and their mail server. Using TLS provides a secure connection on which that information is exchanged. This is VERY important if there's any insecurity between mail client and server. So, there are indeed cases where TLS is the solution, and where PGP or S/MIME is unable to help. Dan ----------------------------------------------------------------- Daniel Senie [EMAIL PROTECTED] Amaranth Networks Inc. http://www.amaranth.com
