Re: PGP email encryption

[Mark Ryan del Moral Talabis <talabis () gmail com>]

Yeah, I think you should try out gpg. We've been using it here (using
the 'hard way'). We provided each machine with  GPG, Thunderbird and
the Enigmail plugin.


On 9/21/05, AragonX <aragonx () dcsnow com> wrote:
> <quote who="Meni Milstein">
> > Thank you for your detailed answer!
> > The reason I asked this question in the first place was because the
> > answers
> > I got (and keep getting) from the technical team and sales team at PGP
> > were
> > inconclusive, and certainly WAY off what you are saying.
> >
> > There IS a web client to PGP, and one way to use "email encryption" in PGP
> > (according to the tech team at PGP) is to have the PGP server catch the
> > message after it passed through, say, my exchange server, and instead of
> > sending that message, send another message (notification message) to the
> > receiving end - with a link. The link will lead the user to read the
> > message
> > off the "web messenger" on the PGP server through HTTPS. The access is
> > done
> > using a user entered pass phrase (which according to what you said - is
> > very
> > bad.)
>
> I think the problem is PGP has been turned into more than it once was.  It
> once was a simple public/private key encryption program.  Now it's a
> company with a wide range of products.
>
> Personally, I would avoid PGP as a whole.  The US government has been
> pressing hard to get a back door into their keys.  I'm not sure if they
> have one yet or not.  I'm not sure we would know if they did.
>
> Personally, I would suggest a solution based on gpg instead.
>
> http://www.gnupg.org/
>
> The way I see it, there is an easy way, and a hard way.
>
> 1)  Easy way - setup a web mail server using gpg encrypted messages.
>
>   Disadvantages
>
> 1 - You are relying on ssl encryption to protect the data once the client
> logs on.  You could setup a secure VPN to mitigate this threat.
> 2 - The security of your server is greatly diminished by allowing these
> external users access.
>
>   Advantages
>
> 1 - Easy to setup.
> 2 - Emails remain local and completely under your control.
> 3 - Depending on the countries you do business with, they may not be
> allowed to use gpg.
>
>
> 2)  Hard way - Send messages to your clients using gpg.
>
>   Disadvantages
>
> 1 - You must work with your client's IT staff to get this setup correctly.
> 2 - Messages are out of your control once they leave your server.
>
>   Advantages
>
> 1 - You don't have to maintain the users on your server.
> 2 - Overall security of this setup is better.
>
> This is just the way I see it.  I could be way off base on some things but
> I do feel you should avoid pgp and use gpg instead.