Security Basics mailing list archives
Fwd: E-mail Encryption - S/MIME vs TLS
From: "kevin fielder" <kevin.fielder () gmail com>
Date: Mon, 11 Jun 2007 11:28:34 +0100
Hi The best solution will depend on what you are trying to achieve. As mentioned, TLS is usually implemented between two email gateways so would provide a secure mechanism for transporting emails between two networks that are each trusted internally (as the mails are not encrypted when stored on the servers or clients). S/MIME will mean the emails are encrypted a stage further and will not become unencrypted until at the client. Another option you may want to consider is actually encrypting the data separately as part of the email process with a product such as PGP as this allows the recipient of the mail to easily store the data in an encrypted manner thus protecting it at the point of storage as well as in transit. It all depends on the level of risk / security and along with usability / transparency to the user levels that are required or acceptable in your business. Cheers K -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Ansgar -59cobalt- Wiechers Sent: 07 June 2007 12:41 To: security-basics () securityfocus com Subject: Re: E-mail Encryption - S/MIME vs TLS On 2007-06-06 Danux wrote:
Hi experts, we are in the way of implement E-mail Encryption, by now we have two proposals: S/MIME and TLS, we think the last one is better. I would like to know if you have a better solution?
Neither is better or worse than the other, because they do different things. S/MIME enrypts the content of your e-mail, whereas TLS does encryption on the transport level (i.e. encrypts the transport of an e-mail between two hosts). Usually you want both. Regards Ansgar Wiechers -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq
Current thread:
- E-mail Encryption - S/MIME vs TLS Danux (Jun 06)
- Re: E-mail Encryption - S/MIME vs TLS elias . tamas (Jun 07)
- Re: E-mail Encryption - S/MIME vs TLS Ansgar -59cobalt- Wiechers (Jun 07)
- Message not available
- Fwd: E-mail Encryption - S/MIME vs TLS kevin fielder (Jun 11)
- Message not available