Hi

> From a cryptographical point of view, this would be a dangerous setup.
> You're transmitting the same message encrypted (local MX <-> Client) as
> well as unencrypted (sending MX <-> local MX). This leaves you open to
> a known plaintext attack against your server's private key, because it
> gives you an opportunity to gain more and more information about the
> key in use, and all you have to do is send regular-looking SPAM to the
> user.

Are you sure? Isn't that exactly the point of asymmetric cryptography?
The way I see it, TLS and SSL work like this (analogous to PGP):

1. The client connects to the server and obtains the server's public
   key. The public key is a mathematical recipe to encode (but not
   decode) a message for a specific recipient.

2. Using this public key, the client encodes the message (cleartext ->
   ciphertext). Now the interesting part is that the client isn't able
   to decode this cipher text he just encoded, because he doesn't have
   the private key (that's why it is also necessary to always encrypt
   PGP messages to yourself, otherwise you won't be able to read them
   later on in your "sent" box).

3. The cipher text is transmitted to the server where it is decoded
   using the private key.

I could now connect to the mail server, obtain the public key and
generate as many cleartext/ciphertext pairs as I want and I still would
not be able to guess the private key from that information.

If what you are saying were true, we would at least have an explanation
for all that nonsense spam. But it would leave us with a lot of other
problems.

Daniel
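
The following is an added example, not part of the original message. It models the three-step public-key exchange as the message describes it, using textbook RSA, to show that the known cleartext/ciphertext pairs an eavesdropper collects are the same pairs anyone can compute from the public key alone. The primes, class and function names, and sample mails are constructed for illustration.

```python
# Added illustration: textbook RSA with constructed toy parameters only.
# Real keys are >= 2048 bits and use randomized padding (e.g. OAEP).
P, Q = 2**31 - 1, 2**61 - 1        # two known Mersenne primes (toy size)
E = 65537

class Server:
    """Holds the private exponent; only the public key ever leaves it."""
    def __init__(self):
        self.n = P * Q
        self._d = pow(E, -1, (P - 1) * (Q - 1))   # private, never published

    def public_key(self):                 # step 1: given to anyone who connects
        return self.n, E

    def receive(self, c: int) -> bytes:   # step 3: decode with the private key
        m = pow(c, self._d, self.n)
        return m.to_bytes((m.bit_length() + 7) // 8, "big")

def encrypt(msg: bytes, pub) -> int:
    """Step 2: needs nothing but the public key."""
    n, e = pub
    m = int.from_bytes(msg, "big")
    if m >= n:
        raise ValueError("message too long for this toy modulus")
    return pow(m, e, n)

def client_send(server: Server, msg: bytes) -> int:
    """A legitimate client: fetch the public key, put ciphertext on the wire."""
    return encrypt(msg, server.public_key())

def offline_pairs(pub, msgs):
    """Pairs computed without talking to the server or seeing any traffic."""
    return [(m, encrypt(m, pub)) for m in msgs]

def demo():
    server = Server()
    mails = [b"spam #1", b"spam #2", b"hello"]     # constructed cleartexts
    # Eavesdropper's view: known cleartext plus the ciphertext on the wire.
    observed = [(m, client_send(server, m)) for m in mails]
    offline = offline_pairs(server.public_key(), mails)
    delivered = [server.receive(c) for _, c in observed]
    return observed, offline, delivered

if __name__ == "__main__":
    observed, offline, delivered = demo()
    print("observed pairs reproducible offline:", observed == offline)
    print("server decoded:", delivered)
```

With randomized padding the ciphertext differs on every encryption, so observed pairs are no longer byte-for-byte reproducible, but anyone holding the public key can still produce valid pairs at will.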