Hi Paul,
At 03:40 AM 25-05-2018, Paul Smith wrote:
I wish that was the case, but it's not what GDPR says, certainly for
SMTP relay services
The organization running the service would be the "processor". Did
you ask the ICO whether there is any guidance for a SMTP service?
Regards,
-sm
I suspect in practice they are going to DTRT and only enforce against
violations of the spirit.
On 05/25/2018 10:14, Rolf E. Sonneveld wrote:
Hi, Paul,
On 25-05-18 11:46, Paul Smith wrote:
I've been going through some GDPR stuff. Amongst other things, we
provide SMTP relay services to some
On 05/25/2018 04:49 AM, Paul Smith wrote:
If the software can decrypt its own encrypted data automatically, then
the decryption key/method is on the PC, so not going to stop a
determined attacker.
I don't know if this exists or not, but I could see how files
(independently of disk
On 05/25/2018 04:32 AM, Leo Gaspard via mailop wrote:
Just for the record, OpenSMTPD supports queue encryption with the `queue
encryption` option.
Nice.
I'll have to look into that, particularly how it does things. I'm
assuming that it encrypts / decrypts individual files / message stores.
Encryption of data stored on disk that is resistant to these types of
attacks is not impossible, assuming that the keys are stored somewhere else.
The pieces are mostly available, from trusted boot through software
attestation and more.
I won't say what we do is impossible to break, but it's
> On May 25, 2018, at 4:40 AM, Paul Smith wrote:
>
>>> But, how it interacts with email, it all seems to get very horrible. I
>>> suspect the *intention* is OK, but I'm struggling with the actual
>>> regulations.
>>>
>> Whilst this specific article (written by Andrew
Hi,
There is a difference between being a "processor" and "telecommunications".
The telecommunications laws are different, more strict sometimes. I know
what the difference was in Dutch law, not sure in the EU area.
Yours,
David
On 25 May 2018 at 15:51, Renaud Allard via mailop
On 05/25/2018 12:14 PM, Rolf E. Sonneveld wrote:
Yes, dealing with exactly the same kind of problem(s). One of my
customers asks me to sign for the fact that mail is encrypted when
handling it. However, using standard MTA software, messages that are in
the queue waiting to get delivered,
On Fri, May 25, 2018 at 12:13:15PM +0100, Jeremy Harris wrote:
> On 25/05/18 11:49, Paul Smith wrote:
> > Disk encryption is great on a laptop. Not sure it is anywhere else.
>
> It does mean you don't have to secure-destroy that sour disk you
> swapped out from the raid set.
This is the main
On 25/05/18 11:49, Paul Smith wrote:
> Disk encryption is great on a laptop. Not sure it is anywhere else.
It does mean you don't have to secure-destroy that sour disk you
swapped out from the raid set.
--
Jeremy
___
mailop mailing list
On 25/05/2018 11:22, Stefano Bagnara wrote:
On Fri, 25 May 2018 at 11:55, Paul Smith wrote:
[...]
If someone sends a message from the UK to someone in the USA, by
definition, we must send that email outside of the EU. When we send the
email, we are sending personal data (eg
On 25/05/2018 11:14, Rolf E. Sonneveld wrote:
Yes, dealing with exactly the same kind of problem(s). One of my
customers asks me to sign for the fact that mail is encrypted when
handling it. However, using standard MTA software, messages that are
in the queue waiting to get delivered, are
On 25/05/2018 11:33, Graeme Fowler wrote:
On 25 May 2018, at 10:46, Paul Smith wrote:
But, how it interacts with email, it all seems to get very horrible. I suspect
the *intention* is OK, but I'm struggling with the actual regulations.
Whilst this specific article (written
On 25 May 2018, at 10:46, Paul Smith wrote:
> But, how it interacts with email, it all seems to get very horrible. I
> suspect the *intention* is OK, but I'm struggling with the actual regulations.
Whilst this specific article (written by Andrew Cormack of Jisc UK) pertains to
On 05/25/2018 12:14 PM, Rolf E. Sonneveld wrote:
> Yes, dealing with exactly the same kind of problem(s). One of my
> customers asks me to sign for the fact that mail is encrypted when
> handling it. However, using standard MTA software, messages that are in
> the queue waiting to get delivered,
Hi, Paul,
On 25-05-18 11:46, Paul Smith wrote:
I've been going through some GDPR stuff. Amongst other things, we
provide SMTP relay services to some customers, so are a 'Data
Processor' under GDPR. In itself, that's OK as our own operations are
GDPR compliant.
But, how it interacts with
16 matches
Mail list logo