PaulDotCom mailing list archives

Re: Identity Based Encryption

From: "Mrs. Y." <networksecurityprincess () gmail com>
Date: Tue, 25 Jun 2013 16:45:10 -0400

My current proposal is using Thunderbird with Enigmail plugin/Gpg,
running via Portable Apps on Ironkey. Truecrypt partitions inside
another encrypted partition whenever possible too.

On 6/25/13 4:23 PM, Oleg Laskin wrote:

I would never recommend anyone to have third-party hold the private key.
Privates should stay private. :)

Have you looked at GPG ? http://www.gnupg.org/ 

It has multi-platform support and is free.  
There is a windows-based software using GPG called GPG4Win
( http://www.gpg4win.org/ ) that provides encryption, email software and
includes an Outlook plugin. 
I've used it in the recent past and it seemed to do the job nicely.

Oleg.


On Tue, Jun 25, 2013 at 4:10 PM, Mrs. Y.
<networksecurityprincess () gmail com
<mailto:networksecurityprincess () gmail com>> wrote:

    1. Free/cheap

    2. The private key can't be held by a 3rd party that may have to produce
    it to the feds without notifying owner.

    3. VERY secure. It's my understanding that the IBE implementation from
    Voltage, while functional and easy to use, has some security issues.

    current proposed solution: Thunderbird with Enigmail plugin via portable
    apps on Ironkey.




    On 6/25/13 4:01 PM, Oleg Laskin wrote:
    > I am curious as to requirements: Are they looking for end-to-end
    > encryption internally or with select clients or with everyone ?
    >
    > IBE seems to provide an option for an on-site gateway as well as
    > cloud-based one: "... Voltage SecureMail can be deployed
    on-premise, or
    > delivered as SaaS from the Voltage SecureMail Cloud™ ..."
    >
    > I have used Cisco's Ironport Mail gateway with encryption options
    in the
    > past: it works but I am not a fan.
    >
    > Symantec has a PGP-based solution. Requirements may help narrow it
    down.
    >
    > Oleg.
    >
    >
    > On Tue, Jun 25, 2013 at 10:00 AM, Mrs. Y
    > <networksecurityprincess () gmail com
    <mailto:networksecurityprincess () gmail com>
    > <mailto:networksecurityprincess () gmail com
    <mailto:networksecurityprincess () gmail com>>> wrote:
    >
    >     I'm in a position to recommend/suggest an encryption solution
    for email.
    >     The audience is *very* sensitive to privacy, but not very
    technical. IBE
    >     seems to solve this, but there are concerns with the PKG
    (private key
    >     generator) being in the cloudl. Thoughts?
    >
    >     _______________________________________________
    >     Pauldotcom mailing list
    >     Pauldotcom () mail pauldotcom com
    <mailto:Pauldotcom () mail pauldotcom com>
    <mailto:Pauldotcom () mail pauldotcom com
    <mailto:Pauldotcom () mail pauldotcom com>>
    >     http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
    >     Main Web Site: http://pauldotcom.com
    >
    >

_______________________________________________
Pauldotcom mailing list
Pauldotcom () mail pauldotcom com
http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom
Main Web Site: http://pauldotcom.com

Current thread:

Identity Based Encryption Mrs. Y (Jun 25)
- Re: Identity Based Encryption Oleg Laskin (Jun 26)
  - Message not available
    - Re: Identity Based Encryption Oleg Laskin (Jun 26)
    - Re: Identity Based Encryption Mrs. Y. (Jun 26)
    - Re: Identity Based Encryption Guillaume Ross (Jun 27)
    - Re: Identity Based Encryption David Maynor (Jun 28)
    - Re: Identity Based Encryption Oleg Laskin (Jun 28)
  - Re: Identity Based Encryption Chris Campbell (Jun 26)