Re: On the security of e-mails
Daniel,
...Unless you encrypt to a public key belonging to everyone on the mailing
list, which certainly can be done, though this means distributing the
appropriate public/private key pair, so the keys themselves would also
have to be encrypted, probably to each individual user.
Of course, you could also implement something like a bulletin board on
HTTP over SSL instead... or maybe SMTP over SSL to each individual list
subscriber. (insecure; most subscribers don't run their own mail server)
Regards,
Alex.
---
PGP/GPG Fingerprint:
EFD1 AC6C 7ED5 E453 C367 AC7A B474 16E0 758D 7ED9
-----BEGIN GEEK CODE BLOCK-----
Version: 3.12
GCM d- s:+ a--- C++++ UL++++ P L+++ E W++ N o-- K- w
O--- M- V- PS+ PE- Y PGP t+ 5 X- R tv+ b DI--- D+
G e-- h++ r--- y
------END GEEK CODE BLOCK------
On Thu, 25 May 2000, Daniel Taylor wrote:
> The closest reliable method in that area is PGP encryption
> of e-mail. In theory only those people who have the message
> signed with their public key will be able to read it.
>
> In practice I haven't heard otherwise.
>
> The only place where it isn't appropriate to encrypt (maybe only sign)
> is on public mailing lists.
>
> Daniel Taylor Embedded and custom Linux integration.
> dante@plethora.net (612)747-1609
>
> On Thu, 25 May 2000, Sergio Brandano wrote:
>
> >
> > I would like to raise the problem of the security of electronic
> > mail. The problem popped into my mind a while ago, while reading
> > about Italian legislation on the privacy and, in particular, of
> > paper mail. I always wanted to draw the issue to the attention of the
> > ``hi spheres'', but I am now in the UK, and the whole thing went into
> > the limbo. The problem is simply as follows: there is no legislation
> > that enforces the privacy of electronic mail. On the practical side,
> > there is no software method currently implemented at large that
> > allows the receiver, and only the receiver, to read his/her own mail.
> > The secure transmission of mail is part of the whole process.
> > The similar issue can easily be extended to the Internet, where sites
> > (from the very client to the very server) can record your preferences,
> > as if there were a big brother that spies on you and writes all down.
> > An immediate consequence of it are all the SPAM mail selling
> > financial services...
> >
> > Sergio
> >
> >
> > --
> > To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> > with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
> >
>
>
> --
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
Reply to: