Re: Branden's mail policies
On Tue, Jun 28, 2005 at 08:48:45AM +0200, martin f krafft wrote:
> also sprach Lionel Elie Mamane <firstname.lastname@example.org> [2005.06.28.0755 +0200]:
>>> If you want secure email, encrypt it. Don't depend on the transport.
>> And the envelope?
> I really doubt that you have set up your mail server so that your
> provider couldn't *trivially* launch a man-in-the-middle attack
No, I haven't. Still, that's an active attack, not passive
eavesdropping. Hence, while still trivial, less so.
> Or do you actually check client certificates?
It wouldn't help, as I'd fallback to non-TLS connection anyway.