[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Branden's mail policies

On Tue, Jun 28, 2005 at 08:48:45AM +0200, martin f krafft wrote:
> also sprach Lionel Elie Mamane <lionel@mamane.lu> [2005.06.28.0755 +0200]:

>>> If you want secure email, encrypt it. Don't depend on the transport.

>> And the envelope?

> I really doubt that you have set up your mail server so that your
> provider couldn't *trivially* launch a man-in-the-middle attack
> anyway.

No, I haven't. Still, that's an active attack, not passive
eavesdropping. Hence, while still trivial, less so.

> Or do you actually check client certificates?

It wouldn't help, as I'd fallback to non-TLS connection anyway.

-- 
Lionel
Reply to: