Security Basics mailing list archives
Re: Email Encryption
From: Adriel Desautels <adriel () netragard com>
Date: Wed, 14 May 2008 14:52:09 -0400
Pete,Last time I checked it was fairly easy to crack a password protected winzip file. My suggestion would be that you use PGP based encryption. You can find some good PGP based technology at www.pgp.com or you can use gnupg from gnupg.org.
Regards, Adriel T. Desautels Chief Technology Officer Netragard, LLC. Office : 617-934-0269 Mobile : 617-633-3821 http://www.linkedin.com/pub/1/118/a45 Join the Netragard, LLC. Linked In Group: http://www.linkedin.com/e/gis/48683/0B98E1705142 --------------------------------------------------------------- Netragard, LLC - http://www.netragard.com - "We make IT Safe" Penetration Testing, Vulnerability Assessments, Website Security Netragard Whitepaper Downloads: ------------------------------- Choosing the right provider : http://tinyurl.com/2ahk3j Three Things you must know : http://tinyurl.com/26pjsn Preston Kutzner wrote:
On 14 May 2008 08:08:07 -0000 pete.hill () sit-up tv wrote:Hi there, I am currently running through a PCI program at my company and am looking for recommendations on an email encryption tool. We currently use a licensed version of Winzip, but I have heard that this may not be up to job as far as passing a PCI DSS audit is concerned. Is Winzip good enough? and if not, what should we be using to get a pass on this? Many thanks PeteMore information would be handy to help give a reasonable answer. What OS are you using? What MUA are you using? What are you trying to encrypt in your email? If you're using WinZip currently, I would assume you're just looking to encrypt the attachment. Are you also looking to be able to encrypt (and sign) the entire email message? Is compression necessary for your application? As far as email encryption is concerned, typical methods for this application usually consist of either SSL certificates or PGP/GPG encryption.
Current thread:
- Email Encryption pete . hill (May 14)
- Re: Email Encryption Preston Kutzner (May 14)
- Re: Email Encryption Adriel Desautels (May 14)
- Re: Email Encryption m0untainrebel (May 14)
- RE: Email Encryption Daniel I. Didier (May 14)
- Re: Email Encryption Gregory Boyce (May 14)
- RE: Email Encryption TBarnhart (May 14)
- Re: Email Encryption Adriel Desautels (May 15)
- RE: Email Encryption TBarnhart (May 14)
- Re: Email Encryption Ansgar -59cobalt- Wiechers (May 14)
- <Possible follow-ups>
- Re: Email Encryption khushbu . jithra (May 15)
- Re: Email Encryption khushbu . jithra (May 15)
- Re: Email Encryption Adriel Desautels (May 16)
- Re: Email Encryption Preston Kutzner (May 14)