Security Basics mailing list archives
PGP email encryption
From: Meni Milstein <meni () msec co il>
Date: Thu, 15 Sep 2005 07:13:00 +0200
I am testing solution for one of my clients that is looking into buying an off the shelf email encryption program. This client is basically dealing with world-wide customers and is looking for the easiest way to send encrypted emails over the internet. Looking at a project like PGP, where you install the PGP Universal on a dedicated server, I really can't find much of a difference between having a secured email server with web access. and here's why. PGP works (basically) as a mail relay. You send an email to someone and that someone receives a notification that a secure email message has been sent to him. He then follows a link to read the message through some kind of web access client that is actually located on MY PGP dedicated server. So the message contents don't really leave my organization. If I were to create a simple mail server, say on a linux box, with SSL capabilities, I would then theoretically have the same secure environment would I not? After all, the encrypting possibilities provided by PGP are more or less standard, aren't they? Also - what if I were to implement POP3 capabilities to that linux mail server? Wouldn't using SSL POP3 and SSL SMTP access give me more or less the same protection? As far as I can see, aside for the fact that PGP sends a notification to the receiving user about the new message, PGP gives me no added value (for email protection). Am I wrong? Sincerely yours, Meni Milstein www.msec.co.il P.O. Box 1124 Ramat Hasharon, Israel 47100
Current thread:
- PGP email encryption Meni Milstein (Sep 15)
- Re: PGP email encryption Alvin Oga (Sep 15)
- RE: PGP email encryption Meni Milstein (Sep 15)
- Re: PGP email encryption Alvin Oga (Sep 19)
- RE: PGP email encryption AragonX (Sep 22)
- Re: PGP email encryption Harrison Holland (Sep 26)
- Re: PGP email encryption Mark Ryan del Moral Talabis (Sep 26)
- RE: PGP email encryption Meni Milstein (Sep 15)
- Re: PGP email encryption Alvin Oga (Sep 15)
- <Possible follow-ups>
- RE: PGP email encryption Jason Albuquerque (Sep 26)